pyupgrade changes for Python3.9+
As discussed at the Epoxy PTG meeting, run an automated upgrade tool to make code python 3.9+ compliant. This patch is for pylint. Result of running: $ pyupgrade --py39-plus $(git ls-files | grep ".py$") Fixed PEP8 errors introduced by pyupgrade by running: $ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \ --in-place neutron_vpnaas Also did manual updates as necessary to fix other errors and warnings after above commands. Inspired by Octavia and Nova [0]. [0] https://review.opendev.org/c/openstack/nova/+/896986 Change-Id: I610efe1a9f20a2a799c40bcf62b98e65e70f0982
This commit is contained in:
elajkat
parent
960cf21df8
commit
00ef4b0867
@ -37,7 +37,6 @@ disable=
|
|||||||
expression-not-assigned,
|
expression-not-assigned,
|
||||||
fixme,
|
fixme,
|
||||||
global-statement,
|
global-statement,
|
||||||
non-parent-init-called,
|
|
||||||
not-callable,
|
not-callable,
|
||||||
protected-access,
|
protected-access,
|
||||||
redefined-builtin,
|
redefined-builtin,
|
||||||
@ -89,8 +88,6 @@ disable=
|
|||||||
too-many-return-statements,
|
too-many-return-statements,
|
||||||
too-many-statements,
|
too-many-statements,
|
||||||
consider-using-set-comprehension,
|
consider-using-set-comprehension,
|
||||||
useless-object-inheritance,
|
|
||||||
super-with-arguments,
|
|
||||||
use-dict-literal
|
use-dict-literal
|
||||||
|
|
||||||
[BASIC]
|
[BASIC]
|
||||||
|
|||||||
@ -1,4 +1,3 @@
|
|||||||
# -*- coding: utf-8 -*-
|
|
||||||
# Copyright (c) 2010 OpenStack Foundation.
|
# Copyright (c) 2010 OpenStack Foundation.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
|||||||
@ -63,7 +63,7 @@ class VPNAgentOvnSbIdl(ovsdb_monitor.OvnIdl):
|
|||||||
return impl_idl_ovn.OvsdbSbOvnIdl(conn)
|
return impl_idl_ovn.OvsdbSbOvnIdl(conn)
|
||||||
|
|
||||||
|
|
||||||
class VPNAgentOvsIdl(object):
|
class VPNAgentOvsIdl:
|
||||||
|
|
||||||
def start(self):
|
def start(self):
|
||||||
connection_string = config.cfg.CONF.ovs.ovsdb_connection
|
connection_string = config.cfg.CONF.ovs.ovsdb_connection
|
||||||
|
|||||||
@ -23,7 +23,7 @@ from neutron_vpnaas.services.vpn.common import topics
|
|||||||
AGENT_NOTIFY_MAX_ATTEMPTS = 2
|
AGENT_NOTIFY_MAX_ATTEMPTS = 2
|
||||||
|
|
||||||
|
|
||||||
class VPNAgentNotifyAPI(object):
|
class VPNAgentNotifyAPI:
|
||||||
"""API for plugin to notify VPN agent."""
|
"""API for plugin to notify VPN agent."""
|
||||||
|
|
||||||
def __init__(self, topic=topics.IPSEC_AGENT_TOPIC):
|
def __init__(self, topic=topics.IPSEC_AGENT_TOPIC):
|
||||||
|
|||||||
@ -311,7 +311,7 @@ class VPNAgentSchedulerDbMixin(
|
|||||||
if router_ids:
|
if router_ids:
|
||||||
return {'routers':
|
return {'routers':
|
||||||
self.l3_plugin.get_routers(context,
|
self.l3_plugin.get_routers(context,
|
||||||
filters={'id': router_ids})}
|
filters={'id': router_ids})}
|
||||||
else:
|
else:
|
||||||
# Exception will be thrown if the requested agent does not exist.
|
# Exception will be thrown if the requested agent does not exist.
|
||||||
self.core_plugin.get_agent(context, agent_id)
|
self.core_plugin.get_agent(context, agent_id)
|
||||||
|
|||||||
@ -228,9 +228,9 @@ class VPNPluginDb(vpnaas.VPNPluginBase,
|
|||||||
if "peer_cidrs" in ipsec_sitecon:
|
if "peer_cidrs" in ipsec_sitecon:
|
||||||
changed_peer_cidrs = True
|
changed_peer_cidrs = True
|
||||||
old_peer_cidr_list = ipsec_site_conn_db['peer_cidrs']
|
old_peer_cidr_list = ipsec_site_conn_db['peer_cidrs']
|
||||||
old_peer_cidr_dict = dict(
|
old_peer_cidr_dict = {
|
||||||
(peer_cidr['cidr'], peer_cidr)
|
peer_cidr['cidr']: peer_cidr
|
||||||
for peer_cidr in old_peer_cidr_list)
|
for peer_cidr in old_peer_cidr_list}
|
||||||
new_peer_cidr_set = set(ipsec_sitecon["peer_cidrs"])
|
new_peer_cidr_set = set(ipsec_sitecon["peer_cidrs"])
|
||||||
old_peer_cidr_set = set(old_peer_cidr_dict)
|
old_peer_cidr_set = set(old_peer_cidr_dict)
|
||||||
|
|
||||||
@ -615,8 +615,8 @@ class VPNPluginDb(vpnaas.VPNPluginBase,
|
|||||||
query = query.join(
|
query = query.join(
|
||||||
vpn_models.VPNEndpoint,
|
vpn_models.VPNEndpoint,
|
||||||
sa.and_(vpn_models.VPNEndpoint.endpoint_group_id ==
|
sa.and_(vpn_models.VPNEndpoint.endpoint_group_id ==
|
||||||
vpn_models.VPNEndpointGroup.id,
|
vpn_models.VPNEndpointGroup.id,
|
||||||
vpn_models.VPNEndpoint.endpoint == subnet_id))
|
vpn_models.VPNEndpoint.endpoint == subnet_id))
|
||||||
group = query.first()
|
group = query.first()
|
||||||
if group:
|
if group:
|
||||||
raise vpn_exception.SubnetInUseByEndpointGroup(
|
raise vpn_exception.SubnetInUseByEndpointGroup(
|
||||||
@ -714,7 +714,7 @@ class VPNPluginDb(vpnaas.VPNPluginBase,
|
|||||||
return cidrs
|
return cidrs
|
||||||
|
|
||||||
|
|
||||||
class VPNPluginRpcDbMixin(object):
|
class VPNPluginRpcDbMixin:
|
||||||
def _build_local_subnet_cidr_map(self, context):
|
def _build_local_subnet_cidr_map(self, context):
|
||||||
"""Build a dict of all local endpoint subnets, with list of CIDRs."""
|
"""Build a dict of all local endpoint subnets, with list of CIDRs."""
|
||||||
query = context.session.query(models_v2.Subnet.id,
|
query = context.session.query(models_v2.Subnet.id,
|
||||||
|
|||||||
@ -80,7 +80,7 @@ class VPNExtGW(model_base.BASEV2, model_base.HasId, model_base.HasProject):
|
|||||||
|
|
||||||
|
|
||||||
@registry.has_registry_receivers
|
@registry.has_registry_receivers
|
||||||
class VPNExtGWPlugin_db(object):
|
class VPNExtGWPlugin_db:
|
||||||
"""DB class to support vpn external ports configuration."""
|
"""DB class to support vpn external ports configuration."""
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
|||||||
@ -27,7 +27,7 @@ from neutron_vpnaas._i18n import _
|
|||||||
from neutron_vpnaas.services.vpn.common import constants
|
from neutron_vpnaas.services.vpn.common import constants
|
||||||
|
|
||||||
|
|
||||||
class VpnReferenceValidator(object):
|
class VpnReferenceValidator:
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Baseline validation routines for VPN resources.
|
Baseline validation routines for VPN resources.
|
||||||
@ -118,7 +118,7 @@ class VpnReferenceValidator(object):
|
|||||||
"""
|
"""
|
||||||
if len(local_subnets) == 1:
|
if len(local_subnets) == 1:
|
||||||
return local_subnets[0]['ip_version']
|
return local_subnets[0]['ip_version']
|
||||||
ip_versions = set([subnet['ip_version'] for subnet in local_subnets])
|
ip_versions = {subnet['ip_version'] for subnet in local_subnets}
|
||||||
if len(ip_versions) > 1:
|
if len(ip_versions) > 1:
|
||||||
raise vpn_exception.MixedIPVersionsForIPSecEndpoints(
|
raise vpn_exception.MixedIPVersionsForIPSecEndpoints(
|
||||||
group=group_id)
|
group=group_id)
|
||||||
@ -131,7 +131,7 @@ class VpnReferenceValidator(object):
|
|||||||
"""
|
"""
|
||||||
if len(peer_cidrs) == 1:
|
if len(peer_cidrs) == 1:
|
||||||
return netaddr.IPNetwork(peer_cidrs[0]).version
|
return netaddr.IPNetwork(peer_cidrs[0]).version
|
||||||
ip_versions = set([netaddr.IPNetwork(pc).version for pc in peer_cidrs])
|
ip_versions = {netaddr.IPNetwork(pc).version for pc in peer_cidrs}
|
||||||
if len(ip_versions) > 1:
|
if len(ip_versions) > 1:
|
||||||
raise vpn_exception.MixedIPVersionsForIPSecEndpoints(
|
raise vpn_exception.MixedIPVersionsForIPSecEndpoints(
|
||||||
group=group_id)
|
group=group_id)
|
||||||
@ -149,7 +149,7 @@ class VpnReferenceValidator(object):
|
|||||||
"""Ensure all CIDRs have the same IP version."""
|
"""Ensure all CIDRs have the same IP version."""
|
||||||
if len(peer_cidrs) == 1:
|
if len(peer_cidrs) == 1:
|
||||||
return netaddr.IPNetwork(peer_cidrs[0]).version
|
return netaddr.IPNetwork(peer_cidrs[0]).version
|
||||||
ip_versions = set([netaddr.IPNetwork(pc).version for pc in peer_cidrs])
|
ip_versions = {netaddr.IPNetwork(pc).version for pc in peer_cidrs}
|
||||||
if len(ip_versions) > 1:
|
if len(ip_versions) > 1:
|
||||||
raise vpn_exception.MixedIPVersionsForPeerCidrs()
|
raise vpn_exception.MixedIPVersionsForPeerCidrs()
|
||||||
return ip_versions.pop()
|
return ip_versions.pop()
|
||||||
|
|||||||
@ -63,7 +63,7 @@ class VPNRouterSchedulerController(wsgi.Controller):
|
|||||||
agent_id = kwargs['agent_id']
|
agent_id = kwargs['agent_id']
|
||||||
router_id = body['router_id']
|
router_id = body['router_id']
|
||||||
result = plugin.add_router_to_vpn_agent(request.context, agent_id,
|
result = plugin.add_router_to_vpn_agent(request.context, agent_id,
|
||||||
router_id)
|
router_id)
|
||||||
notify(request.context, 'vpn_agent.router.add', router_id, agent_id)
|
notify(request.context, 'vpn_agent.router.add', router_id, agent_id)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
@ -74,7 +74,7 @@ class VPNRouterSchedulerController(wsgi.Controller):
|
|||||||
{})
|
{})
|
||||||
agent_id = kwargs['agent_id']
|
agent_id = kwargs['agent_id']
|
||||||
result = plugin.remove_router_from_vpn_agent(request.context, agent_id,
|
result = plugin.remove_router_from_vpn_agent(request.context, agent_id,
|
||||||
id)
|
id)
|
||||||
notify(request.context, 'vpn_agent.router.remove', id, agent_id)
|
notify(request.context, 'vpn_agent.router.remove', id, agent_id)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
@ -161,7 +161,7 @@ class RouterReschedulingFailed(exceptions.Conflict):
|
|||||||
"No eligible VPN agent found.")
|
"No eligible VPN agent found.")
|
||||||
|
|
||||||
|
|
||||||
class VPNAgentSchedulerPluginBase(object, metaclass=abc.ABCMeta):
|
class VPNAgentSchedulerPluginBase(metaclass=abc.ABCMeta):
|
||||||
"""REST API to operate the VPN agent scheduler.
|
"""REST API to operate the VPN agent scheduler.
|
||||||
|
|
||||||
All methods must be in an admin context.
|
All methods must be in an admin context.
|
||||||
|
|||||||
@ -36,7 +36,7 @@ class Vpn_endpoint_groups(extensions.APIExtensionDescriptor):
|
|||||||
translate_name=True)
|
translate_name=True)
|
||||||
|
|
||||||
|
|
||||||
class VPNEndpointGroupsPluginBase(object, metaclass=abc.ABCMeta):
|
class VPNEndpointGroupsPluginBase(metaclass=abc.ABCMeta):
|
||||||
|
|
||||||
@abc.abstractmethod
|
@abc.abstractmethod
|
||||||
def create_endpoint_group(self, context, endpoint_group):
|
def create_endpoint_group(self, context, endpoint_group):
|
||||||
|
|||||||
@ -26,7 +26,7 @@ from neutron_vpnaas.extensions import vpn_agentschedulers
|
|||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class VPNScheduler(object, metaclass=abc.ABCMeta):
|
class VPNScheduler(metaclass=abc.ABCMeta):
|
||||||
@property
|
@property
|
||||||
def l3_plugin(self):
|
def l3_plugin(self):
|
||||||
return directory.get_plugin(plugin_constants.L3)
|
return directory.get_plugin(plugin_constants.L3)
|
||||||
@ -104,7 +104,7 @@ class VPNScheduler(object, metaclass=abc.ABCMeta):
|
|||||||
LOG.debug('VPN service of router %(router_id)s has already '
|
LOG.debug('VPN service of router %(router_id)s has already '
|
||||||
'been hosted by VPN agent %(agent_id)s',
|
'been hosted by VPN agent %(agent_id)s',
|
||||||
{'router_id': router_id,
|
{'router_id': router_id,
|
||||||
'agent_id': chosen_agent})
|
'agent_id': chosen_agent})
|
||||||
return chosen_agent
|
return chosen_agent
|
||||||
|
|
||||||
sync_router = self.l3_plugin.get_router(context, router_id)
|
sync_router = self.l3_plugin.get_router(context, router_id)
|
||||||
|
|||||||
@ -30,11 +30,11 @@ vpn_agent_opts = [
|
|||||||
default=['neutron_vpnaas.services.vpn.device_drivers.'
|
default=['neutron_vpnaas.services.vpn.device_drivers.'
|
||||||
'ipsec.OpenSwanDriver'],
|
'ipsec.OpenSwanDriver'],
|
||||||
sample_default=['neutron_vpnaas.services.vpn.device_drivers.ipsec.'
|
sample_default=['neutron_vpnaas.services.vpn.device_drivers.ipsec.'
|
||||||
'OpenSwanDriver, '
|
'OpenSwanDriver, '
|
||||||
'neutron_vpnaas.services.vpn.device_drivers.'
|
'neutron_vpnaas.services.vpn.device_drivers.'
|
||||||
'strongswan_ipsec.StrongSwanDriver, '
|
'strongswan_ipsec.StrongSwanDriver, '
|
||||||
'neutron_vpnaas.services.vpn.device_drivers.'
|
'neutron_vpnaas.services.vpn.device_drivers.'
|
||||||
'libreswan_ipsec.LibreSwanDriver'],
|
'libreswan_ipsec.LibreSwanDriver'],
|
||||||
help=_("The vpn device drivers Neutron will use")),
|
help=_("The vpn device drivers Neutron will use")),
|
||||||
]
|
]
|
||||||
cfg.CONF.register_opts(vpn_agent_opts, 'vpnagent')
|
cfg.CONF.register_opts(vpn_agent_opts, 'vpnagent')
|
||||||
@ -114,5 +114,4 @@ class L3WithVPNaaS(VPNAgent):
|
|||||||
self.conf = conf
|
self.conf = conf
|
||||||
else:
|
else:
|
||||||
self.conf = cfg.CONF
|
self.conf = cfg.CONF
|
||||||
super(L3WithVPNaaS, self).__init__(
|
super().__init__(host=self.conf.host, conf=self.conf)
|
||||||
host=self.conf.host, conf=self.conf)
|
|
||||||
|
|||||||
@ -15,7 +15,7 @@
|
|||||||
import abc
|
import abc
|
||||||
|
|
||||||
|
|
||||||
class DeviceDriver(object, metaclass=abc.ABCMeta):
|
class DeviceDriver(metaclass=abc.ABCMeta):
|
||||||
|
|
||||||
def __init__(self, agent, host):
|
def __init__(self, agent, host):
|
||||||
pass
|
pass
|
||||||
|
|||||||
@ -136,7 +136,7 @@ def _get_template(template_file):
|
|||||||
return JINJA_ENV.get_template(template_file)
|
return JINJA_ENV.get_template(template_file)
|
||||||
|
|
||||||
|
|
||||||
class BaseSwanProcess(object, metaclass=abc.ABCMeta):
|
class BaseSwanProcess(metaclass=abc.ABCMeta):
|
||||||
"""Swan Family Process Manager
|
"""Swan Family Process Manager
|
||||||
|
|
||||||
This class manages start/restart/stop ipsec process.
|
This class manages start/restart/stop ipsec process.
|
||||||
@ -452,8 +452,7 @@ class OpenSwanProcess(BaseSwanProcess):
|
|||||||
IPSEC_CONF_NAT_TRAVERSAL = "yes"
|
IPSEC_CONF_NAT_TRAVERSAL = "yes"
|
||||||
|
|
||||||
def __init__(self, conf, process_id, vpnservice, namespace):
|
def __init__(self, conf, process_id, vpnservice, namespace):
|
||||||
super(OpenSwanProcess, self).__init__(conf, process_id,
|
super().__init__(conf, process_id, vpnservice, namespace)
|
||||||
vpnservice, namespace)
|
|
||||||
self.secrets_file = os.path.join(
|
self.secrets_file = os.path.join(
|
||||||
self.etc_dir, 'ipsec.secrets')
|
self.etc_dir, 'ipsec.secrets')
|
||||||
self.config_file = os.path.join(
|
self.config_file = os.path.join(
|
||||||
@ -508,7 +507,7 @@ class OpenSwanProcess(BaseSwanProcess):
|
|||||||
# on throwing to tell us something. If the pid file exists,
|
# on throwing to tell us something. If the pid file exists,
|
||||||
# delve into the process information and check if it matches
|
# delve into the process information and check if it matches
|
||||||
# our expected command line.
|
# our expected command line.
|
||||||
with open(self.pid_file, 'r') as f:
|
with open(self.pid_file) as f:
|
||||||
pid = f.readline().strip()
|
pid = f.readline().strip()
|
||||||
with open('/proc/%s/cmdline' % pid) as cmd_line_file:
|
with open('/proc/%s/cmdline' % pid) as cmd_line_file:
|
||||||
cmd_line = cmd_line_file.readline()
|
cmd_line = cmd_line_file.readline()
|
||||||
@ -525,7 +524,7 @@ class OpenSwanProcess(BaseSwanProcess):
|
|||||||
{'pid': pid, 'cmd_line': cmd_line})
|
{'pid': pid, 'cmd_line': cmd_line})
|
||||||
return True
|
return True
|
||||||
|
|
||||||
except IOError as e:
|
except OSError as e:
|
||||||
# This is logged as "info" instead of error because it simply
|
# This is logged as "info" instead of error because it simply
|
||||||
# means that we couldn't find the files to check on them.
|
# means that we couldn't find the files to check on them.
|
||||||
LOG.info('Unable to find control files on startup for '
|
LOG.info('Unable to find control files on startup for '
|
||||||
@ -638,7 +637,7 @@ class OpenSwanProcess(BaseSwanProcess):
|
|||||||
nets += ipsec_site_conn['peer_cidrs']
|
nets += ipsec_site_conn['peer_cidrs']
|
||||||
for net in nets:
|
for net in nets:
|
||||||
version = netaddr.IPNetwork(net).version
|
version = netaddr.IPNetwork(net).version
|
||||||
virtual_privates.append('%%v%s:%s' % (version, net))
|
virtual_privates.append('%v{}:{}'.format(version, net))
|
||||||
virtual_privates.sort()
|
virtual_privates.sort()
|
||||||
return ','.join(virtual_privates)
|
return ','.join(virtual_privates)
|
||||||
|
|
||||||
@ -788,7 +787,7 @@ class OpenSwanProcess(BaseSwanProcess):
|
|||||||
self.connection_status = {}
|
self.connection_status = {}
|
||||||
|
|
||||||
|
|
||||||
class IPsecVpnDriverApi(object):
|
class IPsecVpnDriverApi:
|
||||||
"""IPSecVpnDriver RPC api."""
|
"""IPSecVpnDriver RPC api."""
|
||||||
|
|
||||||
@log_helpers.log_method_call
|
@log_helpers.log_method_call
|
||||||
@ -838,7 +837,7 @@ class IPsecDriver(device_drivers.DeviceDriver, metaclass=abc.ABCMeta):
|
|||||||
self.conn = n_rpc.Connection()
|
self.conn = n_rpc.Connection()
|
||||||
self.context = context.get_admin_context_without_session()
|
self.context = context.get_admin_context_without_session()
|
||||||
self.topic = topics.IPSEC_AGENT_TOPIC
|
self.topic = topics.IPSEC_AGENT_TOPIC
|
||||||
node_topic = '%s.%s' % (self.topic, self.host)
|
node_topic = '{}.{}'.format(self.topic, self.host)
|
||||||
|
|
||||||
self.processes = {}
|
self.processes = {}
|
||||||
self.routers: ty.Dict[str, ty.Any] = {}
|
self.routers: ty.Dict[str, ty.Any] = {}
|
||||||
|
|||||||
@ -28,8 +28,7 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):
|
|||||||
# pylint: disable=useless-super-delegation
|
# pylint: disable=useless-super-delegation
|
||||||
def __init__(self, conf, process_id, vpnservice, namespace):
|
def __init__(self, conf, process_id, vpnservice, namespace):
|
||||||
self._rootwrap_cfg = self._get_rootwrap_config()
|
self._rootwrap_cfg = self._get_rootwrap_config()
|
||||||
super(LibreSwanProcess, self).__init__(conf, process_id,
|
super().__init__(conf, process_id, vpnservice, namespace)
|
||||||
vpnservice, namespace)
|
|
||||||
|
|
||||||
def _ipsec_execute(self, cmd, check_exit_code=True, extra_ok_codes=None):
|
def _ipsec_execute(self, cmd, check_exit_code=True, extra_ok_codes=None):
|
||||||
"""Execute ipsec command on namespace.
|
"""Execute ipsec command on namespace.
|
||||||
@ -41,7 +40,7 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):
|
|||||||
mount_paths = {'/etc': '%s/etc' % self.config_dir,
|
mount_paths = {'/etc': '%s/etc' % self.config_dir,
|
||||||
'/run': '%s/var/run' % self.config_dir}
|
'/run': '%s/var/run' % self.config_dir}
|
||||||
mount_paths_str = ','.join(
|
mount_paths_str = ','.join(
|
||||||
"%s:%s" % (source, target)
|
"{}:{}".format(source, target)
|
||||||
for source, target in mount_paths.items())
|
for source, target in mount_paths.items())
|
||||||
ns_wrapper = self.get_ns_wrapper()
|
ns_wrapper = self.get_ns_wrapper()
|
||||||
return ip_wrapper.netns.execute(
|
return ip_wrapper.netns.execute(
|
||||||
@ -49,7 +48,7 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):
|
|||||||
'--mount_paths=%s' % mount_paths_str,
|
'--mount_paths=%s' % mount_paths_str,
|
||||||
('--rootwrap_config=%s' % self._rootwrap_cfg
|
('--rootwrap_config=%s' % self._rootwrap_cfg
|
||||||
if self._rootwrap_cfg else ''),
|
if self._rootwrap_cfg else ''),
|
||||||
'--cmd=%s,%s' % (self.binary, ','.join(cmd))],
|
'--cmd={},{}'.format(self.binary, ','.join(cmd))],
|
||||||
check_exit_code=check_exit_code,
|
check_exit_code=check_exit_code,
|
||||||
extra_ok_codes=extra_ok_codes)
|
extra_ok_codes=extra_ok_codes)
|
||||||
|
|
||||||
@ -75,7 +74,7 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):
|
|||||||
if os.path.exists(secrets_file):
|
if os.path.exists(secrets_file):
|
||||||
self._execute(['rm', '-f', secrets_file])
|
self._execute(['rm', '-f', secrets_file])
|
||||||
|
|
||||||
super(LibreSwanProcess, self).ensure_configs()
|
super().ensure_configs()
|
||||||
|
|
||||||
# LibreSwan uses the capabilities library to restrict access to
|
# LibreSwan uses the capabilities library to restrict access to
|
||||||
# ipsec.secrets to users that have explicit access. Since pluto is
|
# ipsec.secrets to users that have explicit access. Since pluto is
|
||||||
|
|||||||
@ -38,7 +38,7 @@ PORT_PREFIXES = {
|
|||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class DeviceManager(object):
|
class DeviceManager:
|
||||||
"""Device Manager for ports in qvpn-xx namespace.
|
"""Device Manager for ports in qvpn-xx namespace.
|
||||||
It is a veth pair, one side in qvpn and the other
|
It is a veth pair, one side in qvpn and the other
|
||||||
side is attached to ovs.
|
side is attached to ovs.
|
||||||
@ -143,7 +143,7 @@ class DeviceManager(object):
|
|||||||
subnet_id = fixed_ip['subnet_id']
|
subnet_id = fixed_ip['subnet_id']
|
||||||
subnet = self.plugin.get_subnet_info(subnet_id)
|
subnet = self.plugin.get_subnet_info(subnet_id)
|
||||||
net = netaddr.IPNetwork(subnet['cidr'])
|
net = netaddr.IPNetwork(subnet['cidr'])
|
||||||
ip_cidr = '%s/%s' % (fixed_ip['ip_address'], net.prefixlen)
|
ip_cidr = '{}/{}'.format(fixed_ip['ip_address'], net.prefixlen)
|
||||||
ip_cidrs.append(ip_cidr)
|
ip_cidrs.append(ip_cidr)
|
||||||
subnets.append(subnet)
|
subnets.append(subnet)
|
||||||
self.driver.init_l3(interface_name, ip_cidrs,
|
self.driver.init_l3(interface_name, ip_cidrs,
|
||||||
@ -172,14 +172,14 @@ class DeviceManager(object):
|
|||||||
|
|
||||||
ip_cidrs = []
|
ip_cidrs = []
|
||||||
for fixed_ip in vpn_port['fixed_ips']:
|
for fixed_ip in vpn_port['fixed_ips']:
|
||||||
ip_cidr = '%s/%s' % (fixed_ip['ip_address'], 28)
|
ip_cidr = '{}/{}'.format(fixed_ip['ip_address'], 28)
|
||||||
ip_cidrs.append(ip_cidr)
|
ip_cidrs.append(ip_cidr)
|
||||||
self.driver.init_l3(interface_name, ip_cidrs,
|
self.driver.init_l3(interface_name, ip_cidrs,
|
||||||
namespace=ns_name)
|
namespace=ns_name)
|
||||||
return interface_name
|
return interface_name
|
||||||
|
|
||||||
|
|
||||||
class NamespaceManager(object):
|
class NamespaceManager:
|
||||||
def __init__(self, use_ipv6=False):
|
def __init__(self, use_ipv6=False):
|
||||||
self.ip_wrapper_root = ip_lib.IPWrapper()
|
self.ip_wrapper_root = ip_lib.IPWrapper()
|
||||||
self.use_ipv6 = use_ipv6
|
self.use_ipv6 = use_ipv6
|
||||||
|
|||||||
@ -82,8 +82,7 @@ class StrongSwanProcess(ipsec.BaseSwanProcess):
|
|||||||
self._strongswan_piddir = self._get_strongswan_piddir()
|
self._strongswan_piddir = self._get_strongswan_piddir()
|
||||||
self._rootwrap_cfg = self._get_rootwrap_config()
|
self._rootwrap_cfg = self._get_rootwrap_config()
|
||||||
LOG.debug("strongswan piddir is '%s'", (self._strongswan_piddir))
|
LOG.debug("strongswan piddir is '%s'", (self._strongswan_piddir))
|
||||||
super(StrongSwanProcess, self).__init__(conf, process_id,
|
super().__init__(conf, process_id, vpnservice, namespace)
|
||||||
vpnservice, namespace)
|
|
||||||
|
|
||||||
def _get_strongswan_piddir(self):
|
def _get_strongswan_piddir(self):
|
||||||
return utils.execute(
|
return utils.execute(
|
||||||
@ -113,7 +112,7 @@ class StrongSwanProcess(ipsec.BaseSwanProcess):
|
|||||||
ns_wrapper = self.get_ns_wrapper()
|
ns_wrapper = self.get_ns_wrapper()
|
||||||
return ip_wrapper.netns.execute(
|
return ip_wrapper.netns.execute(
|
||||||
[ns_wrapper,
|
[ns_wrapper,
|
||||||
'--mount_paths=/etc:%s/etc,%s:%s/var/run' % (
|
'--mount_paths=/etc:{}/etc,{}:{}/var/run'.format(
|
||||||
self.config_dir, self._strongswan_piddir, self.config_dir),
|
self.config_dir, self._strongswan_piddir, self.config_dir),
|
||||||
('--rootwrap_config=%s' % self._rootwrap_cfg
|
('--rootwrap_config=%s' % self._rootwrap_cfg
|
||||||
if self._rootwrap_cfg else ''),
|
if self._rootwrap_cfg else ''),
|
||||||
|
|||||||
@ -73,7 +73,7 @@ class ChassisVPNAgentWriteEvent(ovsdb_monitor.ChassisAgentEvent):
|
|||||||
clear_down=True)
|
clear_down=True)
|
||||||
|
|
||||||
|
|
||||||
class OVNVPNAgentMonitor(object):
|
class OVNVPNAgentMonitor:
|
||||||
def watch_agent_events(self):
|
def watch_agent_events(self):
|
||||||
l3_plugin = directory.get_plugin(plugin_constants.L3)
|
l3_plugin = directory.get_plugin(plugin_constants.L3)
|
||||||
sb_ovn = l3_plugin._sb_ovn
|
sb_ovn = l3_plugin._sb_ovn
|
||||||
|
|||||||
@ -1,4 +1,3 @@
|
|||||||
|
|
||||||
# (c) Copyright 2013 Hewlett-Packard Development Company, L.P.
|
# (c) Copyright 2013 Hewlett-Packard Development Company, L.P.
|
||||||
# All Rights Reserved.
|
# All Rights Reserved.
|
||||||
#
|
#
|
||||||
@ -55,7 +54,7 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
"""VpnPlugin which supports VPN Service Drivers."""
|
"""VpnPlugin which supports VPN Service Drivers."""
|
||||||
#TODO(nati) handle ikepolicy and ipsecpolicy update usecase
|
#TODO(nati) handle ikepolicy and ipsecpolicy update usecase
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(VPNDriverPlugin, self).__init__()
|
super().__init__()
|
||||||
self.service_type_manager = st_db.ServiceTypeManager.get_instance()
|
self.service_type_manager = st_db.ServiceTypeManager.get_instance()
|
||||||
add_provider_configuration(self.service_type_manager, constants.VPN)
|
add_provider_configuration(self.service_type_manager, constants.VPN)
|
||||||
# Load the service driver from neutron.conf.
|
# Load the service driver from neutron.conf.
|
||||||
@ -167,8 +166,7 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
driver.validator.validate_ipsec_site_connection(
|
driver.validator.validate_ipsec_site_connection(
|
||||||
context,
|
context,
|
||||||
ipsec_site_connection['ipsec_site_connection'])
|
ipsec_site_connection['ipsec_site_connection'])
|
||||||
ipsec_site_connection = super(
|
ipsec_site_connection = super().create_ipsec_site_connection(
|
||||||
VPNDriverPlugin, self).create_ipsec_site_connection(
|
|
||||||
context, ipsec_site_connection)
|
context, ipsec_site_connection)
|
||||||
driver.create_ipsec_site_connection(context, ipsec_site_connection)
|
driver.create_ipsec_site_connection(context, ipsec_site_connection)
|
||||||
return ipsec_site_connection
|
return ipsec_site_connection
|
||||||
@ -176,7 +174,7 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
def delete_ipsec_site_connection(self, context, ipsec_conn_id):
|
def delete_ipsec_site_connection(self, context, ipsec_conn_id):
|
||||||
ipsec_site_connection = self.get_ipsec_site_connection(
|
ipsec_site_connection = self.get_ipsec_site_connection(
|
||||||
context, ipsec_conn_id)
|
context, ipsec_conn_id)
|
||||||
super(VPNDriverPlugin, self).delete_ipsec_site_connection(
|
super().delete_ipsec_site_connection(
|
||||||
context, ipsec_conn_id)
|
context, ipsec_conn_id)
|
||||||
driver = self._get_driver_for_ipsec_site_connection(
|
driver = self._get_driver_for_ipsec_site_connection(
|
||||||
context, ipsec_site_connection)
|
context, ipsec_site_connection)
|
||||||
@ -192,8 +190,7 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
driver.validator.validate_ipsec_site_connection(
|
driver.validator.validate_ipsec_site_connection(
|
||||||
context,
|
context,
|
||||||
ipsec_site_connection['ipsec_site_connection'])
|
ipsec_site_connection['ipsec_site_connection'])
|
||||||
ipsec_site_connection = super(
|
ipsec_site_connection = super().update_ipsec_site_connection(
|
||||||
VPNDriverPlugin, self).update_ipsec_site_connection(
|
|
||||||
context,
|
context,
|
||||||
ipsec_conn_id,
|
ipsec_conn_id,
|
||||||
ipsec_site_connection)
|
ipsec_site_connection)
|
||||||
@ -204,8 +201,7 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
def create_vpnservice(self, context, vpnservice):
|
def create_vpnservice(self, context, vpnservice):
|
||||||
provider = self._get_provider_for_flavor(
|
provider = self._get_provider_for_flavor(
|
||||||
context, vpnservice['vpnservice'].get('flavor_id'))
|
context, vpnservice['vpnservice'].get('flavor_id'))
|
||||||
vpnservice = super(
|
vpnservice = super().create_vpnservice(context, vpnservice)
|
||||||
VPNDriverPlugin, self).create_vpnservice(context, vpnservice)
|
|
||||||
self.service_type_manager.add_resource_association(
|
self.service_type_manager.add_resource_association(
|
||||||
context, constants.VPN, provider, vpnservice['id'])
|
context, constants.VPN, provider, vpnservice['id'])
|
||||||
driver = self.drivers[provider]
|
driver = self.drivers[provider]
|
||||||
@ -214,16 +210,15 @@ class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
|
|||||||
|
|
||||||
def update_vpnservice(self, context, vpnservice_id, vpnservice):
|
def update_vpnservice(self, context, vpnservice_id, vpnservice):
|
||||||
old_vpn_service = self.get_vpnservice(context, vpnservice_id)
|
old_vpn_service = self.get_vpnservice(context, vpnservice_id)
|
||||||
new_vpn_service = super(
|
new_vpn_service = super().update_vpnservice(context, vpnservice_id,
|
||||||
VPNDriverPlugin, self).update_vpnservice(context, vpnservice_id,
|
vpnservice)
|
||||||
vpnservice)
|
|
||||||
driver = self._get_driver_for_vpnservice(context, old_vpn_service)
|
driver = self._get_driver_for_vpnservice(context, old_vpn_service)
|
||||||
driver.update_vpnservice(context, old_vpn_service, new_vpn_service)
|
driver.update_vpnservice(context, old_vpn_service, new_vpn_service)
|
||||||
return new_vpn_service
|
return new_vpn_service
|
||||||
|
|
||||||
def delete_vpnservice(self, context, vpnservice_id):
|
def delete_vpnservice(self, context, vpnservice_id):
|
||||||
vpnservice = self._get_vpnservice(context, vpnservice_id)
|
vpnservice = self._get_vpnservice(context, vpnservice_id)
|
||||||
super(VPNDriverPlugin, self).delete_vpnservice(context, vpnservice_id)
|
super().delete_vpnservice(context, vpnservice_id)
|
||||||
driver = self._get_driver_for_vpnservice(context, vpnservice)
|
driver = self._get_driver_for_vpnservice(context, vpnservice)
|
||||||
self.service_type_manager.del_resource_associations(
|
self.service_type_manager.del_resource_associations(
|
||||||
context, [vpnservice_id])
|
context, [vpnservice_id])
|
||||||
|
|||||||
@ -26,7 +26,7 @@ from neutron_vpnaas.services.vpn.service_drivers import driver_validator
|
|||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class VpnDriver(object, metaclass=abc.ABCMeta):
|
class VpnDriver(metaclass=abc.ABCMeta):
|
||||||
|
|
||||||
def __init__(self, service_plugin, validator=None):
|
def __init__(self, service_plugin, validator=None):
|
||||||
self.service_plugin = service_plugin
|
self.service_plugin = service_plugin
|
||||||
@ -70,7 +70,7 @@ class VpnDriver(object, metaclass=abc.ABCMeta):
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class BaseIPsecVpnAgentApi(object):
|
class BaseIPsecVpnAgentApi:
|
||||||
"""Base class for IPSec API to agent."""
|
"""Base class for IPSec API to agent."""
|
||||||
|
|
||||||
def __init__(self, topic, default_version, driver):
|
def __init__(self, topic, default_version, driver):
|
||||||
|
|||||||
@ -31,7 +31,7 @@ IPSEC = 'ipsec'
|
|||||||
BASE_IPSEC_VERSION = '1.0'
|
BASE_IPSEC_VERSION = '1.0'
|
||||||
|
|
||||||
|
|
||||||
class IPsecVpnDriverCallBack(object):
|
class IPsecVpnDriverCallBack:
|
||||||
"""Callback for IPSecVpnDriver rpc."""
|
"""Callback for IPSecVpnDriver rpc."""
|
||||||
|
|
||||||
# history
|
# history
|
||||||
@ -40,7 +40,7 @@ class IPsecVpnDriverCallBack(object):
|
|||||||
target = oslo_messaging.Target(version=BASE_IPSEC_VERSION)
|
target = oslo_messaging.Target(version=BASE_IPSEC_VERSION)
|
||||||
|
|
||||||
def __init__(self, driver):
|
def __init__(self, driver):
|
||||||
super(IPsecVpnDriverCallBack, self).__init__()
|
super().__init__()
|
||||||
self.driver = driver
|
self.driver = driver
|
||||||
|
|
||||||
def _get_agent_hosting_vpn_services(self, context, host):
|
def _get_agent_hosting_vpn_services(self, context, host):
|
||||||
@ -94,15 +94,14 @@ class IPsecVpnAgentApi(service_drivers.BaseIPsecVpnAgentApi):
|
|||||||
|
|
||||||
# pylint: disable=useless-super-delegation
|
# pylint: disable=useless-super-delegation
|
||||||
def __init__(self, topic, default_version, driver):
|
def __init__(self, topic, default_version, driver):
|
||||||
super(IPsecVpnAgentApi, self).__init__(
|
super().__init__(topic, default_version, driver)
|
||||||
topic, default_version, driver)
|
|
||||||
|
|
||||||
|
|
||||||
class BaseIPsecVPNDriver(service_drivers.VpnDriver, metaclass=abc.ABCMeta):
|
class BaseIPsecVPNDriver(service_drivers.VpnDriver, metaclass=abc.ABCMeta):
|
||||||
"""Base VPN Service Driver class."""
|
"""Base VPN Service Driver class."""
|
||||||
|
|
||||||
def __init__(self, service_plugin, validator=None):
|
def __init__(self, service_plugin, validator=None):
|
||||||
super(BaseIPsecVPNDriver, self).__init__(service_plugin, validator)
|
super().__init__(service_plugin, validator)
|
||||||
self.create_rpc_conn()
|
self.create_rpc_conn()
|
||||||
|
|
||||||
@property
|
@property
|
||||||
@ -246,7 +245,8 @@ class BaseIPsecVPNDriver(service_drivers.VpnDriver, metaclass=abc.ABCMeta):
|
|||||||
peer_cidr.cidr
|
peer_cidr.cidr
|
||||||
for peer_cidr in ipsec_site_connection.peer_cidrs]
|
for peer_cidr in ipsec_site_connection.peer_cidrs]
|
||||||
else:
|
else:
|
||||||
local_cidrs = [local_cidr_map[ep.endpoint]
|
local_cidrs = [
|
||||||
|
local_cidr_map[ep.endpoint]
|
||||||
for ep in ipsec_site_connection.local_ep_group.endpoints]
|
for ep in ipsec_site_connection.local_ep_group.endpoints]
|
||||||
peer_cidrs = [
|
peer_cidrs = [
|
||||||
ep.endpoint
|
ep.endpoint
|
||||||
|
|||||||
@ -14,7 +14,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
class VpnDriverValidator(object):
|
class VpnDriverValidator:
|
||||||
"""Driver-specific validation routines for VPN resources."""
|
"""Driver-specific validation routines for VPN resources."""
|
||||||
|
|
||||||
def __init__(self, driver):
|
def __init__(self, driver):
|
||||||
|
|||||||
@ -28,9 +28,8 @@ class IPsecVPNDriver(base_ipsec.BaseIPsecVPNDriver):
|
|||||||
"""VPN Service Driver class for IPsec."""
|
"""VPN Service Driver class for IPsec."""
|
||||||
|
|
||||||
def __init__(self, service_plugin):
|
def __init__(self, service_plugin):
|
||||||
super(IPsecVPNDriver, self).__init__(
|
super().__init__(service_plugin,
|
||||||
service_plugin,
|
ipsec_validator.IpsecVpnValidator(self))
|
||||||
ipsec_validator.IpsecVpnValidator(self))
|
|
||||||
|
|
||||||
def create_rpc_conn(self):
|
def create_rpc_conn(self):
|
||||||
self.endpoints = [base_ipsec.IPsecVpnDriverCallBack(self)]
|
self.endpoints = [base_ipsec.IPsecVpnDriverCallBack(self)]
|
||||||
|
|||||||
@ -306,20 +306,20 @@ class BaseOvnIPsecVPNDriver(base_ipsec.BaseIPsecVPNDriver):
|
|||||||
router = self.l3_plugin.get_router(context, router_id)
|
router = self.l3_plugin.get_router(context, router_id)
|
||||||
old_routes = router.get('routes', [])
|
old_routes = router.get('routes', [])
|
||||||
|
|
||||||
old_cidrs = set([r['destination'] for r in old_routes
|
old_cidrs = {r['destination'] for r in old_routes
|
||||||
if r['nexthop'] == nexthop])
|
if r['nexthop'] == nexthop}
|
||||||
new_cidrs = set(
|
new_cidrs = set(
|
||||||
self.service_plugin.get_peer_cidrs_for_router(context, router_id))
|
self.service_plugin.get_peer_cidrs_for_router(context, router_id))
|
||||||
|
|
||||||
to_remove = old_cidrs - new_cidrs
|
to_remove = old_cidrs - new_cidrs
|
||||||
if to_remove:
|
if to_remove:
|
||||||
self.l3_plugin.remove_extraroutes(context, router_id,
|
self.l3_plugin.remove_extraroutes(
|
||||||
self._routes_update(to_remove, nexthop))
|
context, router_id, self._routes_update(to_remove, nexthop))
|
||||||
|
|
||||||
to_add = new_cidrs - old_cidrs
|
to_add = new_cidrs - old_cidrs
|
||||||
if to_add:
|
if to_add:
|
||||||
self.l3_plugin.add_extraroutes(context, router_id,
|
self.l3_plugin.add_extraroutes(
|
||||||
self._routes_update(to_add, nexthop))
|
context, router_id, self._routes_update(to_add, nexthop))
|
||||||
|
|
||||||
def _get_gateway_ips(self, router):
|
def _get_gateway_ips(self, router):
|
||||||
"""Obtain the IPv4 and/or IPv6 GW IP for the router.
|
"""Obtain the IPv4 and/or IPv6 GW IP for the router.
|
||||||
@ -397,13 +397,13 @@ class BaseOvnIPsecVPNDriver(base_ipsec.BaseIPsecVPNDriver):
|
|||||||
gateway_update)
|
gateway_update)
|
||||||
except Exception:
|
except Exception:
|
||||||
self._update_gateway(context, gateway['id'],
|
self._update_gateway(context, gateway['id'],
|
||||||
status=lib_constants.ERROR,
|
status=lib_constants.ERROR,
|
||||||
**gateway_update)
|
**gateway_update)
|
||||||
raise
|
raise
|
||||||
|
|
||||||
self._update_gateway(context, gateway['id'],
|
self._update_gateway(context, gateway['id'],
|
||||||
status=lib_constants.ACTIVE,
|
status=lib_constants.ACTIVE,
|
||||||
**gateway_update)
|
**gateway_update)
|
||||||
|
|
||||||
def _cleanup(self, context, router_id):
|
def _cleanup(self, context, router_id):
|
||||||
gw = self.service_plugin.get_vpn_gw_dict_by_router_id(context,
|
gw = self.service_plugin.get_vpn_gw_dict_by_router_id(context,
|
||||||
|
|||||||
@ -23,7 +23,7 @@ LOG = logging.getLogger(__name__)
|
|||||||
DEVICE_DRIVERS = 'device_drivers'
|
DEVICE_DRIVERS = 'device_drivers'
|
||||||
|
|
||||||
|
|
||||||
class VPNService(object):
|
class VPNService:
|
||||||
"""VPN Service observer."""
|
"""VPN Service observer."""
|
||||||
|
|
||||||
def __init__(self, l3_agent):
|
def __init__(self, l3_agent):
|
||||||
|
|||||||
@ -166,9 +166,9 @@ FAKE_ROUTER = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# It's a long name.
|
# It's a long name.
|
||||||
NON_ASCII_VPNSERVICE_NAME = u'\u9577\u3044\u540d\u524d\u3067\u3059'
|
NON_ASCII_VPNSERVICE_NAME = '\u9577\u3044\u540d\u524d\u3067\u3059'
|
||||||
# I'm doing very well.
|
# I'm doing very well.
|
||||||
NON_ASCII_PSK = u'\u00e7a va tr\u00e9s bien'
|
NON_ASCII_PSK = '\u00e7a va tr\u00e9s bien'
|
||||||
|
|
||||||
|
|
||||||
def get_ovs_bridge(br_name):
|
def get_ovs_bridge(br_name):
|
||||||
@ -178,7 +178,7 @@ def get_ovs_bridge(br_name):
|
|||||||
Vm = collections.namedtuple('Vm', ['namespace', 'port_ip'])
|
Vm = collections.namedtuple('Vm', ['namespace', 'port_ip'])
|
||||||
|
|
||||||
|
|
||||||
class SiteInfo(object):
|
class SiteInfo:
|
||||||
|
|
||||||
"""Holds info on the router, ports, service, and connection."""
|
"""Holds info on the router, ports, service, and connection."""
|
||||||
|
|
||||||
@ -266,16 +266,16 @@ class SiteInfoWithHaRouter(SiteInfo):
|
|||||||
self.failover_host = failover_host
|
self.failover_host = failover_host
|
||||||
self.get_ns_name = mock.patch.object(n_namespaces.RouterNamespace,
|
self.get_ns_name = mock.patch.object(n_namespaces.RouterNamespace,
|
||||||
'_get_ns_name').start()
|
'_get_ns_name').start()
|
||||||
super(SiteInfoWithHaRouter, self).__init__(public_net, private_nets)
|
super().__init__(public_net, private_nets)
|
||||||
|
|
||||||
def generate_router_info(self):
|
def generate_router_info(self):
|
||||||
super(SiteInfoWithHaRouter, self).generate_router_info()
|
super().generate_router_info()
|
||||||
self.info['ha'] = True
|
self.info['ha'] = True
|
||||||
self.info['ha_vr_id'] = 1
|
self.info['ha_vr_id'] = 1
|
||||||
self.info[constants.HA_INTERFACE_KEY] = (
|
self.info[constants.HA_INTERFACE_KEY] = (
|
||||||
l3_test_common.get_ha_interface())
|
l3_test_common.get_ha_interface())
|
||||||
# Mock router namespace name, for when router is created
|
# Mock router namespace name, for when router is created
|
||||||
self.get_ns_name.return_value = "qrouter-{0}-{1}".format(
|
self.get_ns_name.return_value = "qrouter-{}-{}".format(
|
||||||
self.info['id'], self.host)
|
self.info['id'], self.host)
|
||||||
|
|
||||||
def generate_backup_router_info(self):
|
def generate_backup_router_info(self):
|
||||||
@ -285,7 +285,7 @@ class SiteInfoWithHaRouter(SiteInfo):
|
|||||||
l3_test_common.get_ha_interface(ip='169.254.192.2',
|
l3_test_common.get_ha_interface(ip='169.254.192.2',
|
||||||
mac='22:22:22:22:22:22'))
|
mac='22:22:22:22:22:22'))
|
||||||
# Mock router namespace name, for when router is created
|
# Mock router namespace name, for when router is created
|
||||||
self.get_ns_name.return_value = "qrouter-{0}-{1}".format(
|
self.get_ns_name.return_value = "qrouter-{}-{}".format(
|
||||||
info['id'], self.failover_host)
|
info['id'], self.failover_host)
|
||||||
return info
|
return info
|
||||||
|
|
||||||
@ -294,10 +294,10 @@ class TestIPSecBase(framework.L3AgentTestFramework):
|
|||||||
NESTED_NAMESPACE_SEPARATOR = '@'
|
NESTED_NAMESPACE_SEPARATOR = '@'
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestIPSecBase, self).setUp()
|
super().setUp()
|
||||||
common_config.register_common_config_options()
|
common_config.register_common_config_options()
|
||||||
mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.'
|
mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.'
|
||||||
'IPsecVpnDriverApi').start()
|
'IPsecVpnDriverApi').start()
|
||||||
# avoid report_status running periodically
|
# avoid report_status running periodically
|
||||||
mock.patch('oslo_service.loopingcall.FixedIntervalLoopingCall').start()
|
mock.patch('oslo_service.loopingcall.FixedIntervalLoopingCall').start()
|
||||||
# Both the vpn agents try to use execute_rootwrap_daemon's socket
|
# Both the vpn agents try to use execute_rootwrap_daemon's socket
|
||||||
@ -368,15 +368,15 @@ class TestIPSecBase(framework.L3AgentTestFramework):
|
|||||||
root=temp_dir)
|
root=temp_dir)
|
||||||
config.set_override('state_path', temp_dir.path)
|
config.set_override('state_path', temp_dir.path)
|
||||||
config.set_override('metadata_proxy_socket',
|
config.set_override('metadata_proxy_socket',
|
||||||
get_temp_file_path('metadata_proxy'))
|
get_temp_file_path('metadata_proxy'))
|
||||||
config.set_override('ha_confs_path',
|
config.set_override('ha_confs_path',
|
||||||
get_temp_file_path('ha_confs'))
|
get_temp_file_path('ha_confs'))
|
||||||
config.set_override('external_pids',
|
config.set_override('external_pids',
|
||||||
get_temp_file_path('external/pids'))
|
get_temp_file_path('external/pids'))
|
||||||
config.set_override('host', host)
|
config.set_override('host', host)
|
||||||
ipsec_config_base_dir = '%s/%s' % (temp_dir.path, 'ipsec')
|
ipsec_config_base_dir = '{}/{}'.format(temp_dir.path, 'ipsec')
|
||||||
config.set_override('config_base_dir',
|
config.set_override('config_base_dir',
|
||||||
ipsec_config_base_dir, group='ipsec')
|
ipsec_config_base_dir, group='ipsec')
|
||||||
|
|
||||||
# Assign ip address to br-int port because it is a gateway
|
# Assign ip address to br-int port because it is a gateway
|
||||||
ex_port = ip_lib.IPDevice(br_int.br_name)
|
ex_port = ip_lib.IPDevice(br_int.br_name)
|
||||||
@ -404,7 +404,7 @@ class TestIPSecBase(framework.L3AgentTestFramework):
|
|||||||
def _append_suffix(dev_name):
|
def _append_suffix(dev_name):
|
||||||
# If dev_name = 'xyz123' and the suffix is 'agent2' then the result
|
# If dev_name = 'xyz123' and the suffix is 'agent2' then the result
|
||||||
# will be 'xy-nt2'
|
# will be 'xy-nt2'
|
||||||
return "{0}-{1}".format(dev_name[:-4], agent.host[-3:])
|
return f"{dev_name[:-4]}-{agent.host[-3:]}"
|
||||||
|
|
||||||
def get_internal_device_name(port_id):
|
def get_internal_device_name(port_id):
|
||||||
return _append_suffix(
|
return _append_suffix(
|
||||||
@ -504,16 +504,16 @@ class TestIPSecBase(framework.L3AgentTestFramework):
|
|||||||
def prepare_ipsec_site_connections_sha256(self, site1, site2):
|
def prepare_ipsec_site_connections_sha256(self, site1, site2):
|
||||||
"""Builds info for connections in both directions in prep for sync."""
|
"""Builds info for connections in both directions in prep for sync."""
|
||||||
site1.prepare_ipsec_conn_info(site2,
|
site1.prepare_ipsec_conn_info(site2,
|
||||||
FAKE_IPSEC_CONNECTION_SHA256)
|
FAKE_IPSEC_CONNECTION_SHA256)
|
||||||
site2.prepare_ipsec_conn_info(site1,
|
site2.prepare_ipsec_conn_info(site1,
|
||||||
FAKE_IPSEC_CONNECTION_SHA256)
|
FAKE_IPSEC_CONNECTION_SHA256)
|
||||||
|
|
||||||
def prepare_ipsec_site_connections_local_id(self, site1, site2):
|
def prepare_ipsec_site_connections_local_id(self, site1, site2):
|
||||||
"""Builds info for connections in both directions in prep for sync."""
|
"""Builds info for connections in both directions in prep for sync."""
|
||||||
site1.prepare_ipsec_conn_info(site2, local_id='@site1.com',
|
site1.prepare_ipsec_conn_info(site2, local_id='@site1.com',
|
||||||
peer_id='@site2.com')
|
peer_id='@site2.com')
|
||||||
site2.prepare_ipsec_conn_info(site1, local_id='@site2.com',
|
site2.prepare_ipsec_conn_info(site1, local_id='@site2.com',
|
||||||
peer_id='@site1.com')
|
peer_id='@site1.com')
|
||||||
|
|
||||||
def sync_to_create_ipsec_connections(self, site1, site2):
|
def sync_to_create_ipsec_connections(self, site1, site2):
|
||||||
"""Perform a sync, so that connections are created."""
|
"""Perform a sync, so that connections are created."""
|
||||||
|
|||||||
@ -101,9 +101,9 @@ class TestOpenSwanDeviceDriver(test_scenario.TestIPSecBase):
|
|||||||
def test_no_config_change_skip_restart(self):
|
def test_no_config_change_skip_restart(self):
|
||||||
"""Test when config is not changed, then restart should be skipped"""
|
"""Test when config is not changed, then restart should be skipped"""
|
||||||
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
||||||
[self.private_nets[1]])
|
[self.private_nets[1]])
|
||||||
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
||||||
[self.private_nets[2]])
|
[self.private_nets[2]])
|
||||||
|
|
||||||
self.prepare_ipsec_site_connections(site1, site2)
|
self.prepare_ipsec_site_connections(site1, site2)
|
||||||
self.sync_to_create_ipsec_connections(site1, site2)
|
self.sync_to_create_ipsec_connections(site1, site2)
|
||||||
|
|||||||
@ -27,7 +27,7 @@ STATUS_PATTERN = re.compile('Command:.*ip.*addr.*show.*Exit code: 0')
|
|||||||
class TestNetnsWrapper(base.BaseSudoTestCase):
|
class TestNetnsWrapper(base.BaseSudoTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestNetnsWrapper, self).setUp()
|
super().setUp()
|
||||||
config.setup_logging()
|
config.setup_logging()
|
||||||
self.fake_ns = 'func-8f1b728c-6eca-4042-9b6b-6ef66ab9352a'
|
self.fake_ns = 'func-8f1b728c-6eca-4042-9b6b-6ef66ab9352a'
|
||||||
self.mount_paths = ('--mount_paths=/etc:/var/lib/neutron'
|
self.mount_paths = ('--mount_paths=/etc:/var/lib/neutron'
|
||||||
|
|||||||
@ -109,7 +109,7 @@ class TestStrongSwanDeviceDriver(base.BaseSudoTestCase):
|
|||||||
"""Test the StrongSwan reference implementation of the device driver."""
|
"""Test the StrongSwan reference implementation of the device driver."""
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestStrongSwanDeviceDriver, self).setUp()
|
super().setUp()
|
||||||
self.conf = cfg.CONF
|
self.conf = cfg.CONF
|
||||||
self.conf.register_opts(l3_config.OPTS)
|
self.conf.register_opts(l3_config.OPTS)
|
||||||
self.conf.register_opts(ipsec.ipsec_opts, 'ipsec')
|
self.conf.register_opts(ipsec.ipsec_opts, 'ipsec')
|
||||||
@ -170,7 +170,7 @@ class TestStrongSwanDeviceDriver(base.BaseSudoTestCase):
|
|||||||
class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestStrongSwanScenario, self).setUp()
|
super().setUp()
|
||||||
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
||||||
'strongswan')
|
'strongswan')
|
||||||
VPNAAS_STRONGSWAN_DEVICE = ('neutron_vpnaas.services.vpn.'
|
VPNAAS_STRONGSWAN_DEVICE = ('neutron_vpnaas.services.vpn.'
|
||||||
@ -208,9 +208,9 @@ class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
|||||||
|
|
||||||
def test_strongswan_connection_with_non_default_value(self):
|
def test_strongswan_connection_with_non_default_value(self):
|
||||||
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
||||||
[self.private_nets[1]])
|
[self.private_nets[1]])
|
||||||
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
||||||
[self.private_nets[2]])
|
[self.private_nets[2]])
|
||||||
|
|
||||||
self.check_ping(site1, site2, success=False)
|
self.check_ping(site1, site2, success=False)
|
||||||
self.check_ping(site2, site1, success=False)
|
self.check_ping(site2, site1, success=False)
|
||||||
@ -229,9 +229,9 @@ class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
|||||||
|
|
||||||
def _test_strongswan_connection_with_auth_algo(self, auth_algo):
|
def _test_strongswan_connection_with_auth_algo(self, auth_algo):
|
||||||
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
||||||
[self.private_nets[1]])
|
[self.private_nets[1]])
|
||||||
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
||||||
[self.private_nets[2]])
|
[self.private_nets[2]])
|
||||||
|
|
||||||
self.check_ping(site1, site2, success=False)
|
self.check_ping(site1, site2, success=False)
|
||||||
self.check_ping(site2, site1, success=False)
|
self.check_ping(site2, site1, success=False)
|
||||||
@ -272,9 +272,9 @@ class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
|||||||
|
|
||||||
def test_strongswan_connection_with_non_ascii_psk(self):
|
def test_strongswan_connection_with_non_ascii_psk(self):
|
||||||
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
||||||
[self.private_nets[1]])
|
[self.private_nets[1]])
|
||||||
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
||||||
[self.private_nets[2]])
|
[self.private_nets[2]])
|
||||||
|
|
||||||
self.check_ping(site1, site2, success=False)
|
self.check_ping(site1, site2, success=False)
|
||||||
self.check_ping(site2, site1, success=False)
|
self.check_ping(site2, site1, success=False)
|
||||||
@ -289,9 +289,9 @@ class TestStrongSwanScenario(test_scenario.TestIPSecBase):
|
|||||||
|
|
||||||
def test_strongswan_connection_with_wrong_non_ascii_psk(self):
|
def test_strongswan_connection_with_wrong_non_ascii_psk(self):
|
||||||
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
site1 = self.create_site(test_scenario.PUBLIC_NET[4],
|
||||||
[self.private_nets[1]])
|
[self.private_nets[1]])
|
||||||
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
site2 = self.create_site(test_scenario.PUBLIC_NET[5],
|
||||||
[self.private_nets[2]])
|
[self.private_nets[2]])
|
||||||
|
|
||||||
self.check_ping(site1, site2, success=False)
|
self.check_ping(site1, site2, success=False)
|
||||||
self.check_ping(site2, site1, success=False)
|
self.check_ping(site2, site1, success=False)
|
||||||
|
|||||||
@ -44,7 +44,7 @@ VPN_HOSTA = "host-1"
|
|||||||
VPN_HOSTB = "host-2"
|
VPN_HOSTB = "host-2"
|
||||||
|
|
||||||
|
|
||||||
class VPNAgentSchedulerTestMixIn(object):
|
class VPNAgentSchedulerTestMixIn:
|
||||||
def _request_list(self, path, admin_context=True,
|
def _request_list(self, path, admin_context=True,
|
||||||
expected_code=exc.HTTPOk.code):
|
expected_code=exc.HTTPOk.code):
|
||||||
req = self._path_req(path, admin_context=admin_context)
|
req = self._path_req(path, admin_context=admin_context)
|
||||||
@ -85,18 +85,18 @@ class VPNAgentSchedulerTestMixIn(object):
|
|||||||
def _list_routers_hosted_by_vpn_agent(self, agent_id,
|
def _list_routers_hosted_by_vpn_agent(self, agent_id,
|
||||||
expected_code=exc.HTTPOk.code,
|
expected_code=exc.HTTPOk.code,
|
||||||
admin_context=True):
|
admin_context=True):
|
||||||
path = "/agents/%s/%s.%s" % (agent_id,
|
path = "/agents/{}/{}.{}".format(agent_id,
|
||||||
vpn_agentschedulers.VPN_ROUTERS,
|
vpn_agentschedulers.VPN_ROUTERS,
|
||||||
self.fmt)
|
self.fmt)
|
||||||
return self._request_list(path, expected_code=expected_code,
|
return self._request_list(path, expected_code=expected_code,
|
||||||
admin_context=admin_context)
|
admin_context=admin_context)
|
||||||
|
|
||||||
def _add_router_to_vpn_agent(self, id, router_id,
|
def _add_router_to_vpn_agent(self, id, router_id,
|
||||||
expected_code=exc.HTTPCreated.code,
|
expected_code=exc.HTTPCreated.code,
|
||||||
admin_context=True):
|
admin_context=True):
|
||||||
path = "/agents/%s/%s.%s" % (id,
|
path = "/agents/{}/{}.{}".format(id,
|
||||||
vpn_agentschedulers.VPN_ROUTERS,
|
vpn_agentschedulers.VPN_ROUTERS,
|
||||||
self.fmt)
|
self.fmt)
|
||||||
req = self._path_create_request(path,
|
req = self._path_create_request(path,
|
||||||
{'router_id': router_id},
|
{'router_id': router_id},
|
||||||
admin_context=admin_context)
|
admin_context=admin_context)
|
||||||
@ -106,19 +106,19 @@ class VPNAgentSchedulerTestMixIn(object):
|
|||||||
def _list_vpn_agents_hosting_router(self, router_id,
|
def _list_vpn_agents_hosting_router(self, router_id,
|
||||||
expected_code=exc.HTTPOk.code,
|
expected_code=exc.HTTPOk.code,
|
||||||
admin_context=True):
|
admin_context=True):
|
||||||
path = "/routers/%s/%s.%s" % (router_id,
|
path = "/routers/{}/{}.{}".format(router_id,
|
||||||
vpn_agentschedulers.VPN_AGENTS,
|
vpn_agentschedulers.VPN_AGENTS,
|
||||||
self.fmt)
|
self.fmt)
|
||||||
return self._request_list(path, expected_code=expected_code,
|
return self._request_list(path, expected_code=expected_code,
|
||||||
admin_context=admin_context)
|
admin_context=admin_context)
|
||||||
|
|
||||||
def _remove_router_from_vpn_agent(self, id, router_id,
|
def _remove_router_from_vpn_agent(self, id, router_id,
|
||||||
expected_code=exc.HTTPNoContent.code,
|
expected_code=exc.HTTPNoContent.code,
|
||||||
admin_context=True):
|
admin_context=True):
|
||||||
path = "/agents/%s/%s/%s.%s" % (id,
|
path = "/agents/{}/{}/{}.{}".format(id,
|
||||||
vpn_agentschedulers.VPN_ROUTERS,
|
vpn_agentschedulers.VPN_ROUTERS,
|
||||||
router_id,
|
router_id,
|
||||||
self.fmt)
|
self.fmt)
|
||||||
req = self._path_delete_request(path, admin_context=admin_context)
|
req = self._path_delete_request(path, admin_context=admin_context)
|
||||||
res = req.get_response(self.ext_api)
|
res = req.get_response(self.ext_api)
|
||||||
self.assertEqual(expected_code, res.status_int)
|
self.assertEqual(expected_code, res.status_int)
|
||||||
|
|||||||
@ -65,16 +65,16 @@ class TestVpnCorePlugin(test_l3_plugin.TestL3NatIntPlugin,
|
|||||||
l3_agentschedulers_db.L3AgentSchedulerDbMixin,
|
l3_agentschedulers_db.L3AgentSchedulerDbMixin,
|
||||||
agentschedulers_db.DhcpAgentSchedulerDbMixin):
|
agentschedulers_db.DhcpAgentSchedulerDbMixin):
|
||||||
def __init__(self, configfile=None):
|
def __init__(self, configfile=None):
|
||||||
super(TestVpnCorePlugin, self).__init__()
|
super().__init__()
|
||||||
self.router_scheduler = l3_agent_scheduler.ChanceScheduler()
|
self.router_scheduler = l3_agent_scheduler.ChanceScheduler()
|
||||||
|
|
||||||
|
|
||||||
class VPNTestMixin(object):
|
class VPNTestMixin:
|
||||||
resource_prefix_map = dict(
|
resource_prefix_map = {
|
||||||
(k.replace('_', '-'),
|
k.replace('_', '-'):
|
||||||
"/vpn")
|
"/vpn"
|
||||||
for k in vpn.RESOURCE_ATTRIBUTE_MAP
|
for k in vpn.RESOURCE_ATTRIBUTE_MAP
|
||||||
)
|
}
|
||||||
|
|
||||||
def _create_ikepolicy(self, fmt,
|
def _create_ikepolicy(self, fmt,
|
||||||
name='ikepolicy1',
|
name='ikepolicy1',
|
||||||
@ -412,14 +412,14 @@ class VPNTestMixin(object):
|
|||||||
def _check_ipsec_site_connection(self, ipsec_site_connection, keys, dpd):
|
def _check_ipsec_site_connection(self, ipsec_site_connection, keys, dpd):
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
keys,
|
keys,
|
||||||
dict((k, v) for k, v
|
{k: v for k, v
|
||||||
in ipsec_site_connection.items()
|
in ipsec_site_connection.items()
|
||||||
if k in keys))
|
if k in keys})
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
dpd,
|
dpd,
|
||||||
dict((k, v) for k, v
|
{k: v for k, v
|
||||||
in ipsec_site_connection['dpd'].items()
|
in ipsec_site_connection['dpd'].items()
|
||||||
if k in dpd))
|
if k in dpd})
|
||||||
|
|
||||||
def _set_active(self, model, resource_id):
|
def _set_active(self, model, resource_id):
|
||||||
service_plugin = directory.get_plugin(nconstants.VPN)
|
service_plugin = directory.get_plugin(nconstants.VPN)
|
||||||
@ -463,10 +463,7 @@ class VPNPluginDbTestCase(VPNTestMixin,
|
|||||||
plugin_str = ('neutron_vpnaas.tests.unit.db.vpn.'
|
plugin_str = ('neutron_vpnaas.tests.unit.db.vpn.'
|
||||||
'test_vpn_db.TestVpnCorePlugin')
|
'test_vpn_db.TestVpnCorePlugin')
|
||||||
|
|
||||||
super(VPNPluginDbTestCase, self).setUp(
|
super().setUp(plugin_str, service_plugins=service_plugins)
|
||||||
plugin_str,
|
|
||||||
service_plugins=service_plugins
|
|
||||||
)
|
|
||||||
self._subnet_id = _uuid()
|
self._subnet_id = _uuid()
|
||||||
self.core_plugin = TestVpnCorePlugin()
|
self.core_plugin = TestVpnCorePlugin()
|
||||||
self.plugin = vpn_plugin.VPNPlugin()
|
self.plugin = vpn_plugin.VPNPlugin()
|
||||||
@ -488,7 +485,7 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
# NOTE(armax): make sure that the callbacks needed by this test are
|
# NOTE(armax): make sure that the callbacks needed by this test are
|
||||||
# registered, as they may get wiped out depending by the order in
|
# registered, as they may get wiped out depending by the order in
|
||||||
# which imports, subscriptions and mocks occur.
|
# which imports, subscriptions and mocks occur.
|
||||||
super(TestVpnaas, self).setUp(**kwargs)
|
super().setUp(**kwargs)
|
||||||
vpn_db.subscribe()
|
vpn_db.subscribe()
|
||||||
|
|
||||||
def _check_policy(self, policy, keys, lifetime):
|
def _check_policy(self, policy, keys, lifetime):
|
||||||
@ -944,9 +941,9 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
router=router,
|
router=router,
|
||||||
description=description,
|
description=description,
|
||||||
**extras) as vpnservice:
|
**extras) as vpnservice:
|
||||||
self.assertEqual(dict((k, v) for k, v in
|
self.assertEqual({k: v for k, v in
|
||||||
vpnservice['vpnservice'].items()
|
vpnservice['vpnservice'].items()
|
||||||
if k in expected),
|
if k in expected},
|
||||||
expected)
|
expected)
|
||||||
|
|
||||||
def test_delete_router_interface_in_use_by_vpnservice(self):
|
def test_delete_router_interface_in_use_by_vpnservice(self):
|
||||||
@ -1368,8 +1365,8 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
ext_gw = router['router']['external_gateway_info']
|
ext_gw = router['router']['external_gateway_info']
|
||||||
if ext_gw:
|
if ext_gw:
|
||||||
self._create_subnet(self.fmt,
|
self._create_subnet(self.fmt,
|
||||||
net_id=ext_gw['network_id'],
|
net_id=ext_gw['network_id'],
|
||||||
ip_version=6, cidr='2001:db8::/32')
|
ip_version=6, cidr='2001:db8::/32')
|
||||||
keys['vpnservice_id'] = vpnservice1['vpnservice']['id']
|
keys['vpnservice_id'] = vpnservice1['vpnservice']['id']
|
||||||
keys['ikepolicy_id'] = ikepolicy['ikepolicy']['id']
|
keys['ikepolicy_id'] = ikepolicy['ikepolicy']['id']
|
||||||
keys['ipsecpolicy_id'] = ipsecpolicy['ipsecpolicy']['id']
|
keys['ipsecpolicy_id'] = ipsecpolicy['ipsecpolicy']['id']
|
||||||
@ -1718,7 +1715,7 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
# tests.
|
# tests.
|
||||||
|
|
||||||
# TODO(pcm): Put helpers in another module for sharing
|
# TODO(pcm): Put helpers in another module for sharing
|
||||||
class NeutronResourcesMixin(object):
|
class NeutronResourcesMixin:
|
||||||
|
|
||||||
def create_network(self, overrides=None):
|
def create_network(self, overrides=None):
|
||||||
"""Create database entry for network."""
|
"""Create database entry for network."""
|
||||||
@ -1815,7 +1812,7 @@ class TestVpnDatabase(base.NeutronDbPluginV2TestCase, NeutronResourcesMixin):
|
|||||||
# Setup the core plugin
|
# Setup the core plugin
|
||||||
self.plugin_str = ('neutron_vpnaas.tests.unit.db.vpn.'
|
self.plugin_str = ('neutron_vpnaas.tests.unit.db.vpn.'
|
||||||
'test_vpn_db.TestVpnCorePlugin')
|
'test_vpn_db.TestVpnCorePlugin')
|
||||||
super(TestVpnDatabase, self).setUp(self.plugin_str)
|
super().setUp(self.plugin_str)
|
||||||
# Get the plugins
|
# Get the plugins
|
||||||
self.core_plugin = directory.get_plugin()
|
self.core_plugin = directory.get_plugin()
|
||||||
self.l3_plugin = directory.get_plugin(nconstants.L3)
|
self.l3_plugin = directory.get_plugin(nconstants.L3)
|
||||||
@ -2025,7 +2022,8 @@ class TestVpnDatabase(base.NeutronDbPluginV2TestCase, NeutronResourcesMixin):
|
|||||||
expected1.update({'id': group_id1})
|
expected1.update({'id': group_id1})
|
||||||
expected2.update({'id': group_id2})
|
expected2.update({'id': group_id2})
|
||||||
expected_groups = [expected1, expected2]
|
expected_groups = [expected1, expected2]
|
||||||
actual_groups = self.plugin.get_endpoint_groups(self.context,
|
actual_groups = self.plugin.get_endpoint_groups(
|
||||||
|
self.context,
|
||||||
fields=('type', 'tenant_id', 'endpoints',
|
fields=('type', 'tenant_id', 'endpoints',
|
||||||
'name', 'description', 'id'))
|
'name', 'description', 'id'))
|
||||||
for expected_group, actual_group in zip(expected_groups,
|
for expected_group, actual_group in zip(expected_groups,
|
||||||
@ -2312,9 +2310,9 @@ class TestVpnDatabase(base.NeutronDbPluginV2TestCase, NeutronResourcesMixin):
|
|||||||
group_type='cidr', endpoints=peer_cidrs)
|
group_type='cidr', endpoints=peer_cidrs)
|
||||||
ipsec_site_connection['ipsec_site_connection'].update(
|
ipsec_site_connection['ipsec_site_connection'].update(
|
||||||
{'local_ep_group_id': local_ep_group['id'],
|
{'local_ep_group_id': local_ep_group['id'],
|
||||||
'peer_ep_group_id': peer_ep_group['id']})
|
'peer_ep_group_id': peer_ep_group['id']})
|
||||||
self.plugin.create_ipsec_site_connection(self.context,
|
self.plugin.create_ipsec_site_connection(self.context,
|
||||||
ipsec_site_connection)
|
ipsec_site_connection)
|
||||||
return private_subnet, router
|
return private_subnet, router
|
||||||
|
|
||||||
def _setup_ipsec_site_connections_without_ep_groups(self, peer_cidr_lists):
|
def _setup_ipsec_site_connections_without_ep_groups(self, peer_cidr_lists):
|
||||||
|
|||||||
@ -41,7 +41,7 @@ IPV6 = 6
|
|||||||
class TestVpnValidation(base.BaseTestCase):
|
class TestVpnValidation(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestVpnValidation, self).setUp()
|
super().setUp()
|
||||||
self.l3_plugin = mock.Mock()
|
self.l3_plugin = mock.Mock()
|
||||||
self.core_plugin = mock.Mock()
|
self.core_plugin = mock.Mock()
|
||||||
directory.add_plugin(nconstants.CORE, self.core_plugin)
|
directory.add_plugin(nconstants.CORE, self.core_plugin)
|
||||||
@ -430,7 +430,7 @@ class TestVpnValidation(base.BaseTestCase):
|
|||||||
subnet2 = _uuid()
|
subnet2 = _uuid()
|
||||||
expected_subnets = [subnet1, subnet2]
|
expected_subnets = [subnet1, subnet2]
|
||||||
local_epg = {'id': _uuid(),
|
local_epg = {'id': _uuid(),
|
||||||
'type': v_constants.SUBNET_ENDPOINT,
|
'type': v_constants.SUBNET_ENDPOINT,
|
||||||
'endpoints': expected_subnets}
|
'endpoints': expected_subnets}
|
||||||
query_mock = mock.patch.object(query.Query, 'all').start()
|
query_mock = mock.patch.object(query.Query, 'all').start()
|
||||||
query_mock.return_value = expected_subnets
|
query_mock.return_value = expected_subnets
|
||||||
|
|||||||
@ -27,7 +27,7 @@ class DummyIPsecVPNDriver(base_ipsec.BaseIPsecVPNDriver):
|
|||||||
"""Dummy VPN Service Driver class for IPsec."""
|
"""Dummy VPN Service Driver class for IPsec."""
|
||||||
|
|
||||||
def __init__(self, service_plugin):
|
def __init__(self, service_plugin):
|
||||||
super(DummyIPsecVPNDriver, self).__init__(
|
super().__init__(
|
||||||
service_plugin,
|
service_plugin,
|
||||||
ipsec_validator.IpsecVpnValidator(self))
|
ipsec_validator.IpsecVpnValidator(self))
|
||||||
|
|
||||||
|
|||||||
@ -41,7 +41,7 @@ class VpnEndpointGroupsTestCase(base.ExtensionTestCase):
|
|||||||
fmt = 'json'
|
fmt = 'json'
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(VpnEndpointGroupsTestCase, self).setUp()
|
super().setUp()
|
||||||
plural_mappings = {'endpoint_group': 'endpoint-groups'}
|
plural_mappings = {'endpoint_group': 'endpoint-groups'}
|
||||||
self.setup_extension(
|
self.setup_extension(
|
||||||
'neutron_vpnaas.tests.unit.extensions.test_vpn_endpoint_groups.'
|
'neutron_vpnaas.tests.unit.extensions.test_vpn_endpoint_groups.'
|
||||||
|
|||||||
@ -32,7 +32,7 @@ class VpnaasExtensionTestCase(base.ExtensionTestCase):
|
|||||||
fmt = 'json'
|
fmt = 'json'
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(VpnaasExtensionTestCase, self).setUp()
|
super().setUp()
|
||||||
plural_mappings = {'ipsecpolicy': 'ipsecpolicies',
|
plural_mappings = {'ipsecpolicy': 'ipsecpolicies',
|
||||||
'ikepolicy': 'ikepolicies',
|
'ikepolicy': 'ikepolicies',
|
||||||
'ipsec_site_connection': 'ipsec-site-connections',
|
'ipsec_site_connection': 'ipsec-site-connections',
|
||||||
|
|||||||
@ -22,7 +22,7 @@ from neutron_vpnaas.services.vpn.common import netns_wrapper as nswrap
|
|||||||
class TestNetnsWrapper(base.BaseTestCase):
|
class TestNetnsWrapper(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestNetnsWrapper, self).setUp()
|
super().setUp()
|
||||||
patch_methods = ['filter_command',
|
patch_methods = ['filter_command',
|
||||||
'execute',
|
'execute',
|
||||||
'setup_conf']
|
'setup_conf']
|
||||||
|
|||||||
@ -297,32 +297,33 @@ EXPECTED_IPSEC_STRONGSWAN_SECRET_CONF = '''
|
|||||||
60.0.0.4 60.0.0.6 : PSK 0scGFzc3dvcmQ=
|
60.0.0.4 60.0.0.6 : PSK 0scGFzc3dvcmQ=
|
||||||
''' % FAKE_VPNSERVICE_ID
|
''' % FAKE_VPNSERVICE_ID
|
||||||
|
|
||||||
PLUTO_ACTIVE_STATUS = """000 "%(conn_id)s/0x1": erouted;\n
|
PLUTO_ACTIVE_STATUS = """000 "{conn_id}/0x1": erouted;\n
|
||||||
000 #4: "%(conn_id)s/0x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
000 #4: "{conn_id}/0x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
||||||
newest IPSEC;""" % {
|
newest IPSEC;""".format(
|
||||||
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
conn_id=FAKE_IPSEC_SITE_CONNECTION2_ID)
|
||||||
PLUTO_ACTIVE_STATUS_IKEV2 = """000 "%(conn_id)s/0x1": erouted;\n
|
PLUTO_ACTIVE_STATUS_IKEV2 = """000 "{conn_id}/0x1": erouted;\n
|
||||||
000 #4: "%(conn_id)s/0x1":500 STATE_PARENT_R2 (PARENT SA established); \
|
000 #4: "{conn_id}/0x1":500 STATE_PARENT_R2 (PARENT SA established); \
|
||||||
newest IPSEC;""" % {
|
newest IPSEC;""".format(
|
||||||
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
conn_id=FAKE_IPSEC_SITE_CONNECTION2_ID)
|
||||||
PLUTO_MULTIPLE_SUBNETS_ESTABLISHED_STATUS = """000 "%(conn_id1)s/1x1": erouted;\n
|
PLUTO_MULTIPLE_SUBNETS_ESTABLISHED_STATUS = """000 "{conn_id1}/1x1": erouted;\n
|
||||||
000 #4: "%(conn_id1)s/1x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
000 #4: "{conn_id1}/1x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
||||||
newest IPSEC;\n
|
newest IPSEC;\n
|
||||||
000 "%(conn_id2)s/2x1": erouted;\n
|
000 "{conn_id2}/2x1": erouted;\n
|
||||||
000 #4: "%(conn_id2)s/2x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
000 #4: "{conn_id2}/2x1":500 STATE_QUICK_R2 (IPsec SA established); \
|
||||||
newest IPSEC;\n""" % { # noqa: E501
|
newest IPSEC;\n""".format( # noqa: E501
|
||||||
'conn_id1': FAKE_IPSEC_SITE_CONNECTION1_ID,
|
conn_id1=FAKE_IPSEC_SITE_CONNECTION1_ID,
|
||||||
'conn_id2': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
conn_id2=FAKE_IPSEC_SITE_CONNECTION2_ID)
|
||||||
PLUTO_ACTIVE_NO_IPSEC_SA_STATUS = """000 "%(conn_id)s/0x1": erouted;\n
|
PLUTO_ACTIVE_NO_IPSEC_SA_STATUS = """000 "{conn_id}/0x1": erouted;\n
|
||||||
000 #258: "%(conn_id)s/0x1":500 STATE_MAIN_R2 (sent MR2, expecting MI3);""" % {
|
000 #258: "{conn_id}/0x1":500 STATE_MAIN_R2
|
||||||
|
(sent MR2, expecting MI3);""".format(
|
||||||
|
conn_id=FAKE_IPSEC_SITE_CONNECTION2_ID)
|
||||||
|
PLUTO_DOWN_STATUS = "000 \"%(conn_id)s/0x1\": unrouted;" % {
|
||||||
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
||||||
PLUTO_DOWN_STATUS = "000 \"%(conn_id)s/0x1\": unrouted;" % {'conn_id':
|
|
||||||
FAKE_IPSEC_SITE_CONNECTION2_ID}
|
|
||||||
|
|
||||||
CHARON_ACTIVE_STATUS = "%(conn_id)s{1}: INSTALLED, TUNNEL" % {'conn_id':
|
CHARON_ACTIVE_STATUS = "%(conn_id)s{1}: INSTALLED, TUNNEL" % {
|
||||||
FAKE_IPSEC_SITE_CONNECTION2_ID}
|
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
||||||
CHARON_DOWN_STATUS = "%(conn_id)s{1}: ROUTED, TUNNEL" % {'conn_id':
|
CHARON_DOWN_STATUS = "%(conn_id)s{1}: ROUTED, TUNNEL" % {
|
||||||
FAKE_IPSEC_SITE_CONNECTION2_ID}
|
'conn_id': FAKE_IPSEC_SITE_CONNECTION2_ID}
|
||||||
|
|
||||||
NOT_RUNNING_STATUS = "Command: ['ipsec', 'status'] Exit code: 3 Stdout:"
|
NOT_RUNNING_STATUS = "Command: ['ipsec', 'status'] Exit code: 3 Stdout:"
|
||||||
|
|
||||||
@ -331,7 +332,7 @@ class BaseIPsecDeviceDriver(base.BaseTestCase):
|
|||||||
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
||||||
ipsec_process=openswan_ipsec.OpenSwanProcess,
|
ipsec_process=openswan_ipsec.OpenSwanProcess,
|
||||||
vpnservice=FAKE_VPN_SERVICE):
|
vpnservice=FAKE_VPN_SERVICE):
|
||||||
super(BaseIPsecDeviceDriver, self).setUp()
|
super().setUp()
|
||||||
for klass in [
|
for klass in [
|
||||||
'neutron_lib.rpc.Connection',
|
'neutron_lib.rpc.Connection',
|
||||||
'oslo_service.loopingcall.FixedIntervalLoopingCall'
|
'oslo_service.loopingcall.FixedIntervalLoopingCall'
|
||||||
@ -431,13 +432,13 @@ class IPSecDeviceLegacy(BaseIPsecDeviceDriver):
|
|||||||
|
|
||||||
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
||||||
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
||||||
super(IPSecDeviceLegacy, self).setUp(driver, ipsec_process)
|
super().setUp(driver, ipsec_process)
|
||||||
self._make_router_info_for_test()
|
self._make_router_info_for_test()
|
||||||
|
|
||||||
def _make_router_info_for_test(self):
|
def _make_router_info_for_test(self):
|
||||||
self.router_info = legacy_router.LegacyRouter(router_id=FAKE_ROUTER_ID,
|
self.router_info = legacy_router.LegacyRouter(router_id=FAKE_ROUTER_ID,
|
||||||
agent=self.agent,
|
agent=self.agent,
|
||||||
**self.ri_kwargs)
|
**self.ri_kwargs)
|
||||||
self.router_info.router['distributed'] = False
|
self.router_info.router['distributed'] = False
|
||||||
self.router_info.iptables_manager.ipv4['nat'] = self.iptables
|
self.router_info.iptables_manager.ipv4['nat'] = self.iptables
|
||||||
self.router_info.iptables_manager.apply = self.apply_mock
|
self.router_info.iptables_manager.apply = self.apply_mock
|
||||||
@ -646,7 +647,7 @@ class IPSecDeviceLegacy(BaseIPsecDeviceDriver):
|
|||||||
router_id_no_vpn = _uuid()
|
router_id_no_vpn = _uuid()
|
||||||
vpn_service_router_id = _uuid()
|
vpn_service_router_id = _uuid()
|
||||||
with mock.patch.object(self.driver,
|
with mock.patch.object(self.driver,
|
||||||
'destroy_process') as (fake_destroy_process):
|
'destroy_process') as (fake_destroy_process):
|
||||||
self.driver._delete_vpn_processes([router_id_no_vpn],
|
self.driver._delete_vpn_processes([router_id_no_vpn],
|
||||||
[vpn_service_router_id])
|
[vpn_service_router_id])
|
||||||
fake_destroy_process.assert_has_calls(
|
fake_destroy_process.assert_has_calls(
|
||||||
@ -655,7 +656,7 @@ class IPSecDeviceLegacy(BaseIPsecDeviceDriver):
|
|||||||
# test that _delete_vpn_processes doesn't delete the
|
# test that _delete_vpn_processes doesn't delete the
|
||||||
# the valid vpn processes
|
# the valid vpn processes
|
||||||
with mock.patch.object(self.driver,
|
with mock.patch.object(self.driver,
|
||||||
'destroy_process') as fake_destroy_process:
|
'destroy_process') as fake_destroy_process:
|
||||||
self.driver._delete_vpn_processes([vpn_service_router_id],
|
self.driver._delete_vpn_processes([vpn_service_router_id],
|
||||||
[vpn_service_router_id])
|
[vpn_service_router_id])
|
||||||
self.assertFalse(fake_destroy_process.called)
|
self.assertFalse(fake_destroy_process.called)
|
||||||
@ -832,7 +833,7 @@ class IPSecDeviceLegacy(BaseIPsecDeviceDriver):
|
|||||||
ipsec_site_conn[connection_id]['status'])
|
ipsec_site_conn[connection_id]['status'])
|
||||||
|
|
||||||
def _test_status_handling_for_ike_v2_active_connection(self,
|
def _test_status_handling_for_ike_v2_active_connection(self,
|
||||||
active_status):
|
active_status):
|
||||||
"""Test status handling for active connection."""
|
"""Test status handling for active connection."""
|
||||||
router_id = self.router_info.router_id
|
router_id = self.router_info.router_id
|
||||||
connection_id = FAKE_IPSEC_SITE_CONNECTION2_ID
|
connection_id = FAKE_IPSEC_SITE_CONNECTION2_ID
|
||||||
@ -903,15 +904,15 @@ class IPSecDeviceDVR(BaseIPsecDeviceDriver):
|
|||||||
|
|
||||||
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
||||||
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
||||||
super(IPSecDeviceDVR, self).setUp(driver, ipsec_process)
|
super().setUp(driver, ipsec_process)
|
||||||
mock.patch.object(dvr_snat_ns.SnatNamespace, 'create').start()
|
mock.patch.object(dvr_snat_ns.SnatNamespace, 'create').start()
|
||||||
self._make_dvr_edge_router_info_for_test()
|
self._make_dvr_edge_router_info_for_test()
|
||||||
|
|
||||||
def _make_dvr_edge_router_info_for_test(self):
|
def _make_dvr_edge_router_info_for_test(self):
|
||||||
router_info = dvr_edge_router.DvrEdgeRouter(mock.sentinel.agent,
|
router_info = dvr_edge_router.DvrEdgeRouter(mock.sentinel.agent,
|
||||||
mock.sentinel.myhost,
|
mock.sentinel.myhost,
|
||||||
FAKE_ROUTER_ID,
|
FAKE_ROUTER_ID,
|
||||||
**self.ri_kwargs)
|
**self.ri_kwargs)
|
||||||
router_info.router['distributed'] = True
|
router_info.router['distributed'] = True
|
||||||
router_info.snat_namespace = dvr_snat_ns.SnatNamespace(
|
router_info.snat_namespace = dvr_snat_ns.SnatNamespace(
|
||||||
router_info.router['id'],
|
router_info.router['id'],
|
||||||
@ -936,7 +937,7 @@ class IPSecDeviceDVR(BaseIPsecDeviceDriver):
|
|||||||
self.driver._cleanup_stale_vpn_processes = mock.Mock()
|
self.driver._cleanup_stale_vpn_processes = mock.Mock()
|
||||||
sync_router_ids = [fake_vpn_service['router_id']]
|
sync_router_ids = [fake_vpn_service['router_id']]
|
||||||
with mock.patch.object(self.driver,
|
with mock.patch.object(self.driver,
|
||||||
'get_process_status_cache') as process_status:
|
'get_process_status_cache') as process_status:
|
||||||
self.driver.sync(context, [self.driver.routers[FAKE_ROUTER_ID]])
|
self.driver.sync(context, [self.driver.routers[FAKE_ROUTER_ID]])
|
||||||
self.driver._sync_vpn_processes.assert_called_once_with(
|
self.driver._sync_vpn_processes.assert_called_once_with(
|
||||||
[fake_vpn_service], sync_router_ids)
|
[fake_vpn_service], sync_router_ids)
|
||||||
@ -972,8 +973,7 @@ class TestOpenSwanConfigGeneration(BaseIPsecDeviceDriver):
|
|||||||
|
|
||||||
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
||||||
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
||||||
super(TestOpenSwanConfigGeneration, self).setUp(
|
super().setUp(driver, ipsec_process, vpnservice=FAKE_VPN_SERVICE)
|
||||||
driver, ipsec_process, vpnservice=FAKE_VPN_SERVICE)
|
|
||||||
self.conf.register_opts(openswan_ipsec.openswan_opts, 'openswan')
|
self.conf.register_opts(openswan_ipsec.openswan_opts, 'openswan')
|
||||||
self.conf.set_override('state_path', '/tmp')
|
self.conf.set_override('state_path', '/tmp')
|
||||||
self.ipsec_template = self.conf.openswan.ipsec_config_template
|
self.ipsec_template = self.conf.openswan.ipsec_config_template
|
||||||
@ -985,13 +985,14 @@ class TestOpenSwanConfigGeneration(BaseIPsecDeviceDriver):
|
|||||||
def build_ipsec_expected_config_for_test(self, info):
|
def build_ipsec_expected_config_for_test(self, info):
|
||||||
"""Modify OpenSwan ipsec expected config files for test variations."""
|
"""Modify OpenSwan ipsec expected config files for test variations."""
|
||||||
auth_mode = info.get('ipsec_auth', AUTH_ESP)
|
auth_mode = info.get('ipsec_auth', AUTH_ESP)
|
||||||
conn_details = OPENSWAN_CONNECTION_DETAILS % {'auth_mode': auth_mode,
|
conn_details = OPENSWAN_CONNECTION_DETAILS % {
|
||||||
'dpd_action': 'hold',
|
'auth_mode': auth_mode,
|
||||||
'dpd_delay': 30,
|
'dpd_action': 'hold',
|
||||||
'dpd_timeout': 120,
|
'dpd_delay': 30,
|
||||||
'ike_lifetime': 3600,
|
'dpd_timeout': 120,
|
||||||
'life_time': 3600,
|
'ike_lifetime': 3600,
|
||||||
'encapsulation_mode': 'tunnel'}
|
'life_time': 3600,
|
||||||
|
'encapsulation_mode': 'tunnel'}
|
||||||
virtual_privates = []
|
virtual_privates = []
|
||||||
# Convert local CIDRs into assignment strings. IF more than one,
|
# Convert local CIDRs into assignment strings. IF more than one,
|
||||||
# pluralize the attribute name and enclose in brackets.
|
# pluralize the attribute name and enclose in brackets.
|
||||||
@ -1004,14 +1005,14 @@ class TestOpenSwanConfigGeneration(BaseIPsecDeviceDriver):
|
|||||||
local_cidrs.append("=%s" % cidr[0])
|
local_cidrs.append("=%s" % cidr[0])
|
||||||
for net in cidr:
|
for net in cidr:
|
||||||
version = netaddr.IPNetwork(net).version
|
version = netaddr.IPNetwork(net).version
|
||||||
virtual_privates.append('%%v%s:%s' % (version, net))
|
virtual_privates.append('%v{}:{}'.format(version, net))
|
||||||
# Convert peer CIDRs into space separated strings
|
# Convert peer CIDRs into space separated strings
|
||||||
cidrs = info.get('peer_cidrs', [['20.0.0.0/24', '30.0.0.0/24'],
|
cidrs = info.get('peer_cidrs', [['20.0.0.0/24', '30.0.0.0/24'],
|
||||||
['40.0.0.0/24', '50.0.0.0/24']])
|
['40.0.0.0/24', '50.0.0.0/24']])
|
||||||
for cidr in cidrs:
|
for cidr in cidrs:
|
||||||
for net in cidr:
|
for net in cidr:
|
||||||
version = netaddr.IPNetwork(net).version
|
version = netaddr.IPNetwork(net).version
|
||||||
virtual_privates.append('%%v%s:%s' % (version, net))
|
virtual_privates.append('%v{}:{}'.format(version, net))
|
||||||
peer_cidrs = [' '.join(cidr) for cidr in cidrs]
|
peer_cidrs = [' '.join(cidr) for cidr in cidrs]
|
||||||
local_ip = info.get('local', '60.0.0.4')
|
local_ip = info.get('local', '60.0.0.4')
|
||||||
local_id = info.get('local_id')
|
local_id = info.get('local_id')
|
||||||
@ -1097,10 +1098,10 @@ class IPsecStrongswanConfigGeneration(BaseIPsecDeviceDriver):
|
|||||||
|
|
||||||
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
||||||
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
||||||
super(IPsecStrongswanConfigGeneration, self).setUp(
|
super().setUp(
|
||||||
driver, ipsec_process, vpnservice=FAKE_VPN_SERVICE)
|
driver, ipsec_process, vpnservice=FAKE_VPN_SERVICE)
|
||||||
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
||||||
'strongswan')
|
'strongswan')
|
||||||
self.conf.set_override('state_path', '/tmp')
|
self.conf.set_override('state_path', '/tmp')
|
||||||
self.ipsec_template = self.conf.strongswan.ipsec_config_template
|
self.ipsec_template = self.conf.strongswan.ipsec_config_template
|
||||||
self.process = strongswan_ipsec.StrongSwanProcess(self.conf,
|
self.process = strongswan_ipsec.StrongSwanProcess(self.conf,
|
||||||
@ -1203,7 +1204,7 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
|
|
||||||
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
def setUp(self, driver=openswan_ipsec.OpenSwanDriver,
|
||||||
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
ipsec_process=openswan_ipsec.OpenSwanProcess):
|
||||||
super(TestOpenSwanProcess, self).setUp(driver, ipsec_process)
|
super().setUp(driver, ipsec_process)
|
||||||
self.conf.register_opts(openswan_ipsec.openswan_opts,
|
self.conf.register_opts(openswan_ipsec.openswan_opts,
|
||||||
'openswan')
|
'openswan')
|
||||||
self.conf.set_override('state_path', '/tmp')
|
self.conf.set_override('state_path', '/tmp')
|
||||||
@ -1414,7 +1415,7 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
@mock.patch('os.path.exists', return_value=True)
|
@mock.patch('os.path.exists', return_value=True)
|
||||||
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
||||||
create=True,
|
create=True,
|
||||||
side_effect=[io.StringIO(u'invalid'),
|
side_effect=[io.StringIO('invalid'),
|
||||||
IOError])
|
IOError])
|
||||||
def test_process_running_bogus_pid(self, mock_open, mock_exists):
|
def test_process_running_bogus_pid(self, mock_open, mock_exists):
|
||||||
with mock.patch.object(openswan_ipsec.LOG, 'error'):
|
with mock.patch.object(openswan_ipsec.LOG, 'error'):
|
||||||
@ -1425,7 +1426,7 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
@mock.patch('os.path.exists', return_value=True)
|
@mock.patch('os.path.exists', return_value=True)
|
||||||
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
||||||
create=True,
|
create=True,
|
||||||
side_effect=[io.StringIO(u'134'), io.StringIO(u'')])
|
side_effect=[io.StringIO('134'), io.StringIO('')])
|
||||||
def test_process_running_no_cmdline(self, mock_open, mock_exists):
|
def test_process_running_no_cmdline(self, mock_open, mock_exists):
|
||||||
with mock.patch.object(openswan_ipsec.LOG, 'error') as log_mock:
|
with mock.patch.object(openswan_ipsec.LOG, 'error') as log_mock:
|
||||||
self.assertFalse(self.process._process_running())
|
self.assertFalse(self.process._process_running())
|
||||||
@ -1435,7 +1436,7 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
@mock.patch('os.path.exists', return_value=True)
|
@mock.patch('os.path.exists', return_value=True)
|
||||||
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
||||||
create=True,
|
create=True,
|
||||||
side_effect=[io.StringIO(u'134'), io.StringIO(u'ps ax')])
|
side_effect=[io.StringIO('134'), io.StringIO('ps ax')])
|
||||||
def test_process_running_cmdline_mismatch(self, mock_open, mock_exists):
|
def test_process_running_cmdline_mismatch(self, mock_open, mock_exists):
|
||||||
with mock.patch.object(openswan_ipsec.LOG, 'error') as log_mock:
|
with mock.patch.object(openswan_ipsec.LOG, 'error') as log_mock:
|
||||||
self.assertFalse(self.process._process_running())
|
self.assertFalse(self.process._process_running())
|
||||||
@ -1445,8 +1446,8 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
@mock.patch('os.path.exists', return_value=True)
|
@mock.patch('os.path.exists', return_value=True)
|
||||||
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
@mock.patch('neutron_vpnaas.services.vpn.device_drivers.ipsec.open',
|
||||||
create=True,
|
create=True,
|
||||||
side_effect=[io.StringIO(u'134'),
|
side_effect=[io.StringIO('134'),
|
||||||
io.StringIO(u'/usr/libexec/ipsec/pluto -ctlbase'
|
io.StringIO('/usr/libexec/ipsec/pluto -ctlbase'
|
||||||
'/some/foo/path')])
|
'/some/foo/path')])
|
||||||
def test_process_running_cmdline_match(self, mock_open, mock_exists):
|
def test_process_running_cmdline_match(self, mock_open, mock_exists):
|
||||||
self.process.pid_path = '/some/foo/path'
|
self.process.pid_path = '/some/foo/path'
|
||||||
@ -1491,13 +1492,13 @@ class TestOpenSwanProcess(IPSecDeviceLegacy):
|
|||||||
class TestLibreSwanProcess(base.BaseTestCase):
|
class TestLibreSwanProcess(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestLibreSwanProcess, self).setUp()
|
super().setUp()
|
||||||
self.vpnservice = copy.deepcopy(FAKE_VPN_SERVICE)
|
self.vpnservice = copy.deepcopy(FAKE_VPN_SERVICE)
|
||||||
|
|
||||||
self.ipsec_process = libreswan_ipsec.LibreSwanProcess(cfg.CONF,
|
self.ipsec_process = libreswan_ipsec.LibreSwanProcess(cfg.CONF,
|
||||||
'foo-process-id',
|
'foo-process-id',
|
||||||
self.vpnservice,
|
self.vpnservice,
|
||||||
mock.ANY)
|
mock.ANY)
|
||||||
|
|
||||||
@mock.patch('os.path.exists', return_value=True)
|
@mock.patch('os.path.exists', return_value=True)
|
||||||
def test_ensure_configs_on_restart(self, exists_mock):
|
def test_ensure_configs_on_restart(self, exists_mock):
|
||||||
@ -1595,10 +1596,9 @@ class IPsecStrongswanDeviceDriverLegacy(IPSecDeviceLegacy):
|
|||||||
|
|
||||||
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
||||||
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
||||||
super(IPsecStrongswanDeviceDriverLegacy, self).setUp(driver,
|
super().setUp(driver, ipsec_process)
|
||||||
ipsec_process)
|
|
||||||
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
self.conf.register_opts(strongswan_ipsec.strongswan_opts,
|
||||||
'strongswan')
|
'strongswan')
|
||||||
self.conf.set_override('state_path', '/tmp')
|
self.conf.set_override('state_path', '/tmp')
|
||||||
self.driver.agent_rpc.get_vpn_services_on_host.return_value = [
|
self.driver.agent_rpc.get_vpn_services_on_host.return_value = [
|
||||||
self.vpnservice]
|
self.vpnservice]
|
||||||
@ -1625,5 +1625,4 @@ class IPsecStrongswanDeviceDriverLegacy(IPSecDeviceLegacy):
|
|||||||
class IPsecStrongswanDeviceDriverDVR(IPSecDeviceDVR):
|
class IPsecStrongswanDeviceDriverDVR(IPSecDeviceDVR):
|
||||||
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
def setUp(self, driver=strongswan_ipsec.StrongSwanDriver,
|
||||||
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
ipsec_process=strongswan_ipsec.StrongSwanProcess):
|
||||||
super(IPsecStrongswanDeviceDriverDVR, self).setUp(driver,
|
super().setUp(driver, ipsec_process)
|
||||||
ipsec_process)
|
|
||||||
|
|||||||
@ -75,7 +75,8 @@ class TestDeviceManager(base.BaseTestCase):
|
|||||||
self.conf = cfg.CONF
|
self.conf = cfg.CONF
|
||||||
self.conf.register_opts(common_config.core_opts)
|
self.conf.register_opts(common_config.core_opts)
|
||||||
self.conf.register_opts(agent_config.INTERFACE_DRIVER_OPTS)
|
self.conf.register_opts(agent_config.INTERFACE_DRIVER_OPTS)
|
||||||
self.conf.set_override('interface_driver',
|
self.conf.set_override(
|
||||||
|
'interface_driver',
|
||||||
'neutron_vpnaas.tests.unit.services.vpn.device_drivers'
|
'neutron_vpnaas.tests.unit.services.vpn.device_drivers'
|
||||||
'.test_ovn_ipsec.fake_interface_driver')
|
'.test_ovn_ipsec.fake_interface_driver')
|
||||||
self.host = "some-hostname"
|
self.host = "some-hostname"
|
||||||
@ -85,7 +86,7 @@ class TestDeviceManager(base.BaseTestCase):
|
|||||||
|
|
||||||
def test_names(self):
|
def test_names(self):
|
||||||
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
||||||
self.plugin, self.context)
|
self.plugin, self.context)
|
||||||
port = {'id': "0df5beb8-4794-4217-acde-e6ce4875a59f"}
|
port = {'id': "0df5beb8-4794-4217-acde-e6ce4875a59f"}
|
||||||
name = mgr.get_interface_name(port, "internal")
|
name = mgr.get_interface_name(port, "internal")
|
||||||
self.assertEqual(name, "vr0df5beb8-479")
|
self.assertEqual(name, "vr0df5beb8-479")
|
||||||
@ -106,7 +107,7 @@ class TestDeviceManager(base.BaseTestCase):
|
|||||||
}
|
}
|
||||||
|
|
||||||
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
||||||
self.plugin, self.context)
|
self.plugin, self.context)
|
||||||
|
|
||||||
with mock.patch.object(ip_lib, 'ensure_device_is_ready') as dev_ready:
|
with mock.patch.object(ip_lib, 'ensure_device_is_ready') as dev_ready:
|
||||||
with mock.patch.object(mgr, 'set_default_route') as set_def_route:
|
with mock.patch.object(mgr, 'set_default_route') as set_def_route:
|
||||||
@ -130,7 +131,7 @@ class TestDeviceManager(base.BaseTestCase):
|
|||||||
network_details = {'transit_port': FAKE_TRANSIT_PORT}
|
network_details = {'transit_port': FAKE_TRANSIT_PORT}
|
||||||
|
|
||||||
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
||||||
self.plugin, self.context)
|
self.plugin, self.context)
|
||||||
|
|
||||||
with mock.patch.object(ip_lib, 'ensure_device_is_ready') as dev_ready:
|
with mock.patch.object(ip_lib, 'ensure_device_is_ready') as dev_ready:
|
||||||
dev_ready.return_value = False
|
dev_ready.return_value = False
|
||||||
@ -143,7 +144,7 @@ class TestDeviceManager(base.BaseTestCase):
|
|||||||
|
|
||||||
def test_list_routes(self):
|
def test_list_routes(self):
|
||||||
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
mgr = ovn_ipsec.DeviceManager(self.conf, self.host,
|
||||||
self.plugin, self.context)
|
self.plugin, self.context)
|
||||||
mock_ipdev = mock.Mock()
|
mock_ipdev = mock.Mock()
|
||||||
routes = [
|
routes = [
|
||||||
{'cidr': '192.168.111.0/24', 'via': FAKE_TRANSIT_PORT_IP_ADDRESS}
|
{'cidr': '192.168.111.0/24', 'via': FAKE_TRANSIT_PORT_IP_ADDRESS}
|
||||||
@ -181,7 +182,8 @@ class TestOvnStrongSwanDriver(test_ipsec.IPSecDeviceLegacy):
|
|||||||
conf = cfg.CONF
|
conf = cfg.CONF
|
||||||
conf.register_opts(common_config.core_opts)
|
conf.register_opts(common_config.core_opts)
|
||||||
conf.register_opts(agent_config.INTERFACE_DRIVER_OPTS)
|
conf.register_opts(agent_config.INTERFACE_DRIVER_OPTS)
|
||||||
conf.set_override('interface_driver',
|
conf.set_override(
|
||||||
|
'interface_driver',
|
||||||
'neutron_vpnaas.tests.unit.services.vpn.device_drivers'
|
'neutron_vpnaas.tests.unit.services.vpn.device_drivers'
|
||||||
'.test_ovn_ipsec.fake_interface_driver')
|
'.test_ovn_ipsec.fake_interface_driver')
|
||||||
|
|
||||||
|
|||||||
@ -49,13 +49,13 @@ class FakeSqlQueryObject(dict):
|
|||||||
|
|
||||||
def __init__(self, **entries):
|
def __init__(self, **entries):
|
||||||
self.__dict__.update(entries)
|
self.__dict__.update(entries)
|
||||||
super(FakeSqlQueryObject, self).__init__(**entries)
|
super().__init__(**entries)
|
||||||
|
|
||||||
|
|
||||||
class TestValidatorSelection(base.BaseTestCase):
|
class TestValidatorSelection(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestValidatorSelection, self).setUp()
|
super().setUp()
|
||||||
vpnaas_provider = [{
|
vpnaas_provider = [{
|
||||||
'service_type': constants.VPN,
|
'service_type': constants.VPN,
|
||||||
'name': 'vpnaas',
|
'name': 'vpnaas',
|
||||||
@ -86,7 +86,7 @@ class TestValidatorSelection(base.BaseTestCase):
|
|||||||
|
|
||||||
class TestIPsecDriver(base.BaseTestCase):
|
class TestIPsecDriver(base.BaseTestCase):
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestIPsecDriver, self).setUp()
|
super().setUp()
|
||||||
mock.patch('neutron_lib.rpc.Connection').start()
|
mock.patch('neutron_lib.rpc.Connection').start()
|
||||||
|
|
||||||
l3_agent = mock.Mock()
|
l3_agent = mock.Mock()
|
||||||
@ -383,9 +383,9 @@ class TestIPsecDriver(base.BaseTestCase):
|
|||||||
'local_endpoints': ['local-sn1', 'local-sn2']}
|
'local_endpoints': ['local-sn1', 'local-sn2']}
|
||||||
|
|
||||||
expected_cidrs = {'peers': ['2002:5000:0000::/48',
|
expected_cidrs = {'peers': ['2002:5000:0000::/48',
|
||||||
'2002:5a00:0000::/48'],
|
'2002:5a00:0000::/48'],
|
||||||
'locals': ['2002:0a00:0000::/48',
|
'locals': ['2002:0a00:0000::/48',
|
||||||
'2002:1400:0000::/48'],
|
'2002:1400:0000::/48'],
|
||||||
'vers': 6}
|
'vers': 6}
|
||||||
fake_service = self.prepare_dummy_query_objects(endpoint_groups)
|
fake_service = self.prepare_dummy_query_objects(endpoint_groups)
|
||||||
expected_dict = self.build_expected_dict_for_endpoints(expected_cidrs)
|
expected_dict = self.build_expected_dict_for_endpoints(expected_cidrs)
|
||||||
|
|||||||
@ -54,10 +54,10 @@ class FakeSqlQueryObject(dict):
|
|||||||
|
|
||||||
def __init__(self, **entries):
|
def __init__(self, **entries):
|
||||||
self.__dict__.update(entries)
|
self.__dict__.update(entries)
|
||||||
super(FakeSqlQueryObject, self).__init__(**entries)
|
super().__init__(**entries)
|
||||||
|
|
||||||
|
|
||||||
class FakeGatewayDB(object):
|
class FakeGatewayDB:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.gateways_by_router = {}
|
self.gateways_by_router = {}
|
||||||
self.gateways_by_id = {}
|
self.gateways_by_id = {}
|
||||||
|
|||||||
@ -60,14 +60,13 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
|
|||||||
self.driver.validator = driver_validator.VpnDriverValidator(
|
self.driver.validator = driver_validator.VpnDriverValidator(
|
||||||
self.driver)
|
self.driver)
|
||||||
driver_cls.return_value = self.driver
|
driver_cls.return_value = self.driver
|
||||||
super(TestVPNDriverPlugin, self).setUp(
|
super().setUp(vpnaas_plugin=VPN_DRIVER_CLASS)
|
||||||
vpnaas_plugin=VPN_DRIVER_CLASS)
|
|
||||||
# Note: Context must be created after BaseTestCase.setUp() so that
|
# Note: Context must be created after BaseTestCase.setUp() so that
|
||||||
# config for policy is set.
|
# config for policy is set.
|
||||||
self.adminContext = context.get_admin_context()
|
self.adminContext = context.get_admin_context()
|
||||||
|
|
||||||
def test_create_ipsec_site_connection(self, **extras):
|
def test_create_ipsec_site_connection(self, **extras):
|
||||||
super(TestVPNDriverPlugin, self).test_create_ipsec_site_connection()
|
super().test_create_ipsec_site_connection()
|
||||||
self.driver.create_ipsec_site_connection.assert_called_once_with(
|
self.driver.create_ipsec_site_connection.assert_called_once_with(
|
||||||
mock.ANY, mock.ANY)
|
mock.ANY, mock.ANY)
|
||||||
self.driver.delete_ipsec_site_connection.assert_called_once_with(
|
self.driver.delete_ipsec_site_connection.assert_called_once_with(
|
||||||
@ -79,7 +78,7 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
|
|||||||
return_value=self.driver).start()
|
return_value=self.driver).start()
|
||||||
stm = directory.get_plugin(p_constants.VPN).service_type_manager
|
stm = directory.get_plugin(p_constants.VPN).service_type_manager
|
||||||
stm.add_resource_association = mock.Mock()
|
stm.add_resource_association = mock.Mock()
|
||||||
super(TestVPNDriverPlugin, self).test_create_vpnservice()
|
super().test_create_vpnservice()
|
||||||
self.driver.create_vpnservice.assert_called_once_with(
|
self.driver.create_vpnservice.assert_called_once_with(
|
||||||
mock.ANY, mock.ANY)
|
mock.ANY, mock.ANY)
|
||||||
stm.add_resource_association.assert_called_once_with(
|
stm.add_resource_association.assert_called_once_with(
|
||||||
@ -88,14 +87,14 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
|
|||||||
def test_delete_vpnservice(self, **extras):
|
def test_delete_vpnservice(self, **extras):
|
||||||
stm = directory.get_plugin(p_constants.VPN).service_type_manager
|
stm = directory.get_plugin(p_constants.VPN).service_type_manager
|
||||||
stm.del_resource_associations = mock.Mock()
|
stm.del_resource_associations = mock.Mock()
|
||||||
super(TestVPNDriverPlugin, self).test_delete_vpnservice()
|
super().test_delete_vpnservice()
|
||||||
self.driver.delete_vpnservice.assert_called_once_with(
|
self.driver.delete_vpnservice.assert_called_once_with(
|
||||||
mock.ANY, mock.ANY)
|
mock.ANY, mock.ANY)
|
||||||
stm.del_resource_associations.assert_called_once_with(
|
stm.del_resource_associations.assert_called_once_with(
|
||||||
mock.ANY, [mock.ANY])
|
mock.ANY, [mock.ANY])
|
||||||
|
|
||||||
def test_update_vpnservice(self, **extras):
|
def test_update_vpnservice(self, **extras):
|
||||||
super(TestVPNDriverPlugin, self).test_update_vpnservice()
|
super().test_update_vpnservice()
|
||||||
self.driver.update_vpnservice.assert_called_once_with(
|
self.driver.update_vpnservice.assert_called_once_with(
|
||||||
mock.ANY, mock.ANY, mock.ANY)
|
mock.ANY, mock.ANY, mock.ANY)
|
||||||
|
|
||||||
@ -181,7 +180,7 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
|
|||||||
class TestVPNDriverPluginMultipleDrivers(base.BaseTestCase):
|
class TestVPNDriverPluginMultipleDrivers(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestVPNDriverPluginMultipleDrivers, self).setUp()
|
super().setUp()
|
||||||
vpnaas_providers = [
|
vpnaas_providers = [
|
||||||
{'service_type': p_constants.VPN,
|
{'service_type': p_constants.VPN,
|
||||||
'name': 'ipsec',
|
'name': 'ipsec',
|
||||||
|
|||||||
@ -49,7 +49,7 @@ class NoopDeviceDriver(device_drivers.DeviceDriver):
|
|||||||
class VPNBaseTestCase(base.BaseTestCase):
|
class VPNBaseTestCase(base.BaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(VPNBaseTestCase, self).setUp()
|
super().setUp()
|
||||||
self.conf = cfg.CONF
|
self.conf = cfg.CONF
|
||||||
self.ri_kwargs = {'router': {'id': FAKE_ROUTER_ID, 'ha': False},
|
self.ri_kwargs = {'router': {'id': FAKE_ROUTER_ID, 'ha': False},
|
||||||
'agent_conf': self.conf,
|
'agent_conf': self.conf,
|
||||||
@ -59,7 +59,7 @@ class VPNBaseTestCase(base.BaseTestCase):
|
|||||||
class TestVirtualPrivateNetworkDeviceDriverLoading(VPNBaseTestCase):
|
class TestVirtualPrivateNetworkDeviceDriverLoading(VPNBaseTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestVirtualPrivateNetworkDeviceDriverLoading, self).setUp()
|
super().setUp()
|
||||||
cfg.CONF.register_opts(vpn_agent.vpn_agent_opts, 'vpnagent')
|
cfg.CONF.register_opts(vpn_agent.vpn_agent_opts, 'vpnagent')
|
||||||
self.agent = mock.Mock()
|
self.agent = mock.Mock()
|
||||||
self.agent.conf = cfg.CONF
|
self.agent.conf = cfg.CONF
|
||||||
|
|||||||
@ -13,7 +13,6 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import socket
|
|
||||||
import stat
|
import stat
|
||||||
import time
|
import time
|
||||||
|
|
||||||
@ -54,7 +53,7 @@ def execute_cmd_over_ssh(host, cmd, private_key):
|
|||||||
"AUTHENTICATION EXCEPTION WHEN CONNECTING TO %s", host["ip"], e)
|
"AUTHENTICATION EXCEPTION WHEN CONNECTING TO %s", host["ip"], e)
|
||||||
except paramiko.SSHException as e:
|
except paramiko.SSHException as e:
|
||||||
raise Exception("SSH EXCEPTION WHEN CONNECTING TO %s", host["ip"], e)
|
raise Exception("SSH EXCEPTION WHEN CONNECTING TO %s", host["ip"], e)
|
||||||
except socket.error as e:
|
except OSError as e:
|
||||||
raise Exception("SOCKET ERROR WHEN CONNECTING TO %s", host["ip"], e)
|
raise Exception("SOCKET ERROR WHEN CONNECTING TO %s", host["ip"], e)
|
||||||
LOG.debug("CONNECTED TO HOST <%s>", host["ip"])
|
LOG.debug("CONNECTED TO HOST <%s>", host["ip"])
|
||||||
try:
|
try:
|
||||||
@ -254,7 +253,7 @@ def write_key_to_compute_node(keypair, local_path, remote_path, host,
|
|||||||
try:
|
try:
|
||||||
sftp_client = paramiko.SFTPClient.from_transport(transport)
|
sftp_client = paramiko.SFTPClient.from_transport(transport)
|
||||||
sftp_client.put(local_path, remote_path)
|
sftp_client.put(local_path, remote_path)
|
||||||
except IOError as e:
|
except OSError as e:
|
||||||
raise Exception("FILE PATH DOESN'T EXIST", e)
|
raise Exception("FILE PATH DOESN'T EXIST", e)
|
||||||
finally:
|
finally:
|
||||||
transport.close()
|
transport.close()
|
||||||
@ -429,7 +428,7 @@ def get_interfaces(namespace_controller_tuple, private_key):
|
|||||||
namespace, controller = namespace_controller_tuple
|
namespace, controller = namespace_controller_tuple
|
||||||
LOG.debug("GET THE INTERFACES BY USING 'ip a' FROM THE NAMESPACE %s",
|
LOG.debug("GET THE INTERFACES BY USING 'ip a' FROM THE NAMESPACE %s",
|
||||||
namespace)
|
namespace)
|
||||||
cmd = "sudo ip netns exec {} ip a".format(namespace)
|
cmd = f"sudo ip netns exec {namespace} ip a"
|
||||||
interfaces = execute_cmd_over_ssh(controller, cmd, private_key)
|
interfaces = execute_cmd_over_ssh(controller, cmd, private_key)
|
||||||
LOG.debug("INTERFACES %s", interfaces)
|
LOG.debug("INTERFACES %s", interfaces)
|
||||||
return interfaces
|
return interfaces
|
||||||
@ -621,7 +620,7 @@ def delete_keyfiles(local_key_files, remote_key_files=None,
|
|||||||
if ns_compute_tuples:
|
if ns_compute_tuples:
|
||||||
LOG.debug("DELETING RALLY KEY FILES FROM COMPUTE HOSTS")
|
LOG.debug("DELETING RALLY KEY FILES FROM COMPUTE HOSTS")
|
||||||
for key, ns_comp in zip(remote_key_files, ns_compute_tuples):
|
for key, ns_comp in zip(remote_key_files, ns_compute_tuples):
|
||||||
cmd = "sudo rm -f {}".format(key)
|
cmd = f"sudo rm -f {key}"
|
||||||
host = ns_comp[1]
|
host = ns_comp[1]
|
||||||
execute_cmd_over_ssh(host, cmd, private_key)
|
execute_cmd_over_ssh(host, cmd, private_key)
|
||||||
|
|
||||||
|
|||||||
@ -1,4 +1,3 @@
|
|||||||
# -*- coding: utf-8 -*-
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
# You may obtain a copy of the License at
|
# You may obtain a copy of the License at
|
||||||
|
|||||||
@ -35,7 +35,7 @@ class ASTWalker(compiler.visitor.ASTVisitor):
|
|||||||
compiler.visitor.ASTVisitor.default(self, node, *args)
|
compiler.visitor.ASTVisitor.default(self, node, *args)
|
||||||
|
|
||||||
|
|
||||||
class Visitor(object):
|
class Visitor:
|
||||||
|
|
||||||
def __init__(self, filename, i18n_msg_predicates,
|
def __init__(self, filename, i18n_msg_predicates,
|
||||||
msg_format_checkers, debug):
|
msg_format_checkers, debug):
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user